Part I - Enabling True Risk Ownership
Blog Series - Clearing Obstacles to Risk Accountability. This blog series is a four …
Hard Truths About Vulnerability Management
During the Harden phase of the Harden, Detect, and Respond process, a company focuses on finding weaknesses in its syste …
Managing Risk for AI Systems and Applications
Artificial Intelligence systems like GenAI have a massive opportunity to improve the overall quality of human life, but …
Managing AI Expectations Through the lens of Cybersecurity Trust Modeling
How much did you trust Clippy? Remember the generative LLM-based support assistant AI chatbot for Microsoft Office? That …
Narrowing Focus in Forensic Investigation
An incident responder is a storyteller. We tell the story of an attack sequence by gradually uncovering artifacts and in …
Writing Effective Policies and Procedures for CMMC
During a CMMC journey, the self-assessor must meet objective requirements using “specifications”. Specifications are doc …
The CMMC Skillset for Success
The first M in the CMMC assessment framework stands for maturity, and that's exactly what is needed to get through a sel …