Backblog

By Chris Hartley

Threat Modeling

For most of us, the concept of Threat Modeling takes on different meanings based upon our experiences, areas of expertise, areas of interest and comprehension of what constitutes and is defined as a threat by industry and by ourselves.  For man,... Read more

July 27, 2010 Risk Management
By Chris Hartley

Addressing Risk Management Aversion

 

When I think of information security in the broadest sense, I immediately think of managing and mitigating risk.   I know of no more appropriate way in which to view our discipline and have for years and years (largely due to my diverse background... Read more
July 23, 2010 Risk Management
By Chris Hartley

Seven Tips for Effective Incident Response Policies

Incident response (IR)  has great value to IT security professionals. Each incident is unique, but there are some common policies that need to be in place for proper preparation of the response team and the corporate staff. Here are the top seven... Read more

July 21, 2010 Incident Response, Policy, Risk Management