Why Three Teams
Another opinion on the matter An Article Review by way of a Dan’s New Leaf Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . For years now we have been defining a SIEM as three teams working together as one. The Security Operation Center, the […]
LLM Productivity
While Fleshing Out LLM Risk Measurement A Layered Risk Discovery Process with Conditional Questioning Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Sssshhhh. I’m late finishing up an article (called the CIA Pyramid, it’ll be good!) and I feel bad because Bryan is as […]
MetaPrompts
A short post about ChatGPT How I ask GPT to help Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Over the year . . . it’s only been about 18 months since I first started benefiting from ChatGPT . . I have evolved a […]
The Heartbeat of Our Communities
The Essential Role of Community Banks An Essay from one of our new hires Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . We’ve recently hired several more people, and in this process I asked one of them . . . Tony Johnson, our new […]
Beyond Red Teaming
The Problem with FFIEC Guidance And A Solution! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . What Is Red Teaming? Are you wondering if you should be “doing” some Red Teaming? Since we started our company in 2000 we have been trying to educate […]
CISO Liability
Who is at risk? Are you covered? Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Assuming we can believe SolarWinds now, in June of 2020 they suffered a breach that we didn’t learn about until December, thanks to FireEye. Their CISO finally filed a […]
A Tale of Concentration Risk (part 2)
Part Two Banana Splits Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . This is part two of “A Tale of Concentration Risk”, which started with Dan‘s phone not working the way he wanted it to. Part Two is not a rant. It is a […]
A Tale of Concentration Risk
Part One The Banana Ecosystem Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . It took me three times to voice-type the title of this blog post. I suffer from what they call Concentration Risk, in vendor management systems. Love at First Bite I’ve been […]
The Dawn of Threat Intelligence
Bleeding Snort Another History Lesson Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Threat intelligence is a huge industry in 2024, but it wasn’t always like that. Given that I’m nearing the end of my one-year blitz of weekly Dan’s New Leafs, and I’m […]
Mutiny in KC
The dawn of the Basic SIEM An early SIEM value delivery Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Recently, a friend of mine marveled at how the SIEM, even a basic SIEM, can deliver surprising value outside the realm of cybersecurity. Because we […]