9/11’s of the Battle
Our Awareness Proven to be true again and again. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . If you know me, you have heard the phrase, “Awareness is 9/11’s of the Battle.” I use it in every talk, and bring it up in almost […]
A Network is a Network . . . NOT!
Four Conditions … …For Why a Network Can be Anything But a Network! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I have to admit that infotex is being called into engineering meetings with larger organizations these days that are NOT community based banks. We […]
Risk-Based Authentication Practices
A follow-up on Dan’s 2008 Password Manifesto On the NIST Publication on Digital Identity Guidelines Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . In June 2017, NIST released a special publication on digital identity, NIST SP 800-63, that is starting to get the attention […]
The Risk of AI Risk
Or, the risk of email hypnosis . . . And the other implications of complacency! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Now that the pandemic is coming to an end, most of us are returning to our daily commutes. Are you finding […]
Sometimes Say Sometimes
Another Manifesto A supply-chain manifesto by the author of Never Say Never: A Password Manifesto! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . [Sssshh. Turn out the lights. Let’s lower our inner voices, as I have something to propose that might be a bit […]
Are You Ready to Discuss the GLBA?
A long overdue update, but an update nonetheless. . . Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . “To respond to heightened cybersecurity threat,” as they said, in fourth quarter of 2021, the Federal Trade Commission (FTC) published changes to the 2003 GLBA Safeguards […]
The One Test
The One Test… …Is there a Test that Covers 9/11’s of the Battle? Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Twenty years ago two geek-friends and I debated the following question: “Is there an Audit Test that covers 9/11’s of the battle?” This […]
The Magnificent Seven 2021
Seven Trends . . . that small bank Information Security Officers face in 2021 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcome to the Magnificent Seven, my annual predictive article about the seven trends in technology that will impact the Information Security Officers of […]
R7-2021
Top Seven Risks . . . that small bank Information Security Officers face in 2021 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Once again, I compile this list in preparation for updating our normal board of directors awareness training PowerPoints and movies and such. […]
Incident Response on Steroids!
Turning Letters into Lemonade . . . Could Marketing Messages be Pre-Planned Into Response? Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Something I just noticed: I now know what Yandex is. And I would not have known about this interesting browser had it […]