The HORSE Project has an app!

Still the best source for security, cyberspace law and IT risk management! The HORSE Project now has its own Android app. Now there is an Android app to help you take it with you. Access premium downloadable content, guidance, tools, frameworks, and other content right from your Android device. Find it here in the Google Play… Read More

Re-Post: C-Suite Slipping on Information Security, Study Finds

The analysis in this article is consistent with my research to date and I thought it worth sharing. I would suggest however that given the input from one of the largest audit firms creates a scenario that I refer to as the “Self-Licking Ice Cream Cone” and should be objectively consumed. It is quite ironic… Read More

Information Security By the Numbers

The Security Trifecta is a comprehensive and innovative approach to holistic security, risk, governance and privacy coverage for the enterprise. Because the methodology is universally applicable and ultimately sustainable, it has become the perfect model for any size organization regardless of business concentration. In fact, the more critical, the more regulated, the more sensitive the… Read More

2012 Louisville Metro InfoSec Conference

I attended the 2012 Louisville Metro InfoSec Conference, now in it’s 10th year, as keynote speaker. The conference is a function of the ISSA Kentuckiana Chapter currently led by Randall Frietzche. Once again, they are pushing the capacity of the venue space due to the increasing popularity of this important conference. On a personal note,… Read More

Risk Management CPM Model

I recently wrote an article about IT risk management and created several illustrations. One in particular stands by itself in terms of depicting a holistic view of the whole risk management life cycle in a critical path method model which I thought would be worth sharing. It would be useful to your ISO 27005 or… Read More

The PCI Challenge

It is frequently in the news.  Reports have been written.  Punitive and compensatory damages have been awarded.  Companies around the globe have been challenged to find the resources required to comply with the Payment Card Industry Data Security Standard (PCI DSS). The prime PCI DSS objective is to protect cardholder data. The prime objective of… Read More

Juris Doctor 135-143 of 161: The Geek Shall Inherit the Universe

Cyber-espionage and Cyber-warfare poses the greatest threat to our society today. No longer are massive militarized forces with the most advanced weaponry the force to fear. The forces to be feared now are computer geeks. A single person or just a few cyber-savvy individuals working together as a team now possess the power to bring… Read More

Gearing Up for the Holidays? So Are Cyber-Criminals

Article Reprint: http://risnews.edgl.com/retail-best-practices/Gearing-Up-for-the-Holidays–So-Are-Cyber-Criminals40304 The holidays typically are the peak season for merchants. Yet at such a critical time of year many retailers still leave themselves vulnerable to significant e-commerce fraud – and the corresponding lost revenue and damaged brand reputation — because they don’t enforce or implement information security best practices throughout the year. While… Read More

Weekly Digest for April 1st

mdpeters New blog post: Weekly Digest for March 25th https://michaelpeters.org/?p=1370 [obDADkenobi]. mdpeters posted User:Imfrom51. mdpeters posted . mdpeters posted 5 items. Risk management plan File:ITRM-Lifecycle.jpg Compliance Risk management plan FISMA mdpeters New blog post: Now Reading: Irrefutable Laws of Leadership – 3 https://michaelpeters.org/?p=1376 [obDADkenobi].

CIO Finance Summit Closure

It is always good to visit with the folks from CDM Media in Scottsdale Arizona. I was invited to participate in a CIO Panel Discussion titled: “Security, Encryption and Fraud: Future proofing the banking system and ensuring greater consumer protection.” Scott Crawford, Managing Research Director, Security & Risk Management with EMA moderated. Mike Kearn, ISO… Read More