TakeDownCon 2015 Keynote Address

I’m honored to be invited as EC-Council’s TakeDownCon keynote speaker for the 2015 event. TakeDownCon brings together information security researchers and technical experts from corporate to underground industries, to a unique “Ethical Hacking” conference. In two days, they will present and debate the latest security threats, disclose current vulnerabilities, and share information crucial to the…

Resistance is NOT Futile for Cyber Insurance Casualty Insurers.

If you think that the business general liability or even purpose-built cyber insurance policies will cover you in the event of a cyber-security breach, it’s highly likely you are mistaken. In fact, it is in your carrier’s best business interest to deny your claim. Chances are the exemptions in your policy exclude coverage for…

Low-Hanging Fruit Anyone? Why cyber-criminals are looking for you.

Cyber-crime is largely a crime of opportunity. Just like a burglar cases the neighborhood looking for easy pickings, cyber-criminals case the Internet looking for victims who make it easier to steal from them, the companies they lead or belong to. By adhering to the Security Trifecta® and implementing a proactive cyber security strategy based in…

Did you know that there are only four types of cyber security incidents?

My career has been devoted to both the art and the science behind information security. When I speak of the science, I am referring to the technology and the process we immerse ourselves in as we set about securing the organizations we are charged with protecting. When I speak about the art, I am referring…

OSI Model Layer 8: The Carbon Layer

Just one of the many reasons my vocation and avocation are centered on information security is that things tomorrow will not be quite the same as they were today. There is always someone innovating out there for better or worse. I cannot imagine this challenge subsiding, which is quite thrilling and, for some, quite distressing. Any…

The New Social Security: When Social Media Meets Social Engineering

The convergence is upon us all; this influx of technology intermingled with information infused now in every possible facet of our business and personal lives. We live in the presence of infinite possibilities through technology. Business is being propelled into new trajectories never before possible. Our social spheres and human interpersonal interactions have all been…

Survival Guidance! Resource for SSAE 16 SOC 2 Readiness Audits

Survival Guidance! MichaelPeters.org and LazarusAlliance.com are making our auditor’s resource for assessing the procedural and technical controls free. This is a resource based on the SSAE 16 SOC 2 framework you may freely use to conduct your organization’s readiness audits. Your results are private and the output is sent to you without charge. It’s just…

Survival Guidance! Resource for SSAE 16 SOC 1 Readiness Audits

Survival Guidance! MichaelPeters.org and LazarusAlliance.com are making our auditor’s resource for assessing the procedural and technical controls free. This is a resource based on the SSAE 16 SOC 1 framework you may freely use to conduct your organization’s readiness audits. Your results are private and the output is sent to you without charge. It’s just…

Survival Guidance! FedRAMP and FISMA Resource for Assessing the Security Controls in Federal Information Systems and Organizations

Survival Guidance! MichaelPeters.org and LazarusAlliance.com are making our auditor’s resource for assessing the security controls in federal information systems and organizations free. This is a resource based on the NIST 800-53A framework you may freely use to conduct your organization’s FedRAMP, HIPAA or best-practice-based security audits. Your results are private and the output…

Survival Guidance! Resource for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule.

HIPAA Survival Guidance! MichaelPeters.org and LazarusAlliance.com are making our auditor’s resource for implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule free. This is a resource you may freely use to conduct your organization’s HIPAA security audits. Your results are private and the output is sent to you without charge. It’s just on…

The Security Trifecta – Governance Made Easy: CISO Executive Summit Keynote

The CISO Executive Summit 2013 – Minneapolis

I enjoyed delivering the closing keynote at the CISO Executive Summit this year and getting the opportunity to collaborate, strategize and even, in some cases, commiserate with my information security comrades from across the industry. The good folks at Evanta organized the event with direction from the event’s…