May 9, 2025 Early in 2024 I met Ms. Vergara-Cobos at a conference where we shared some information about our recent respective work activities. She disclosed to me about her work leading a research study at the World Bank that focused on how cybersecurity impacts the growth of developing countries. This struck me as a […]
Meet the experts that are working in the front lines of active cyber defense – from researchers and product managers that are building the next generation of adaptive defenses, to the specialists that deliver proactive security services and run the intelligent networks today. Learn about how the experts are addressing the latest threats through active cyber defenses. Check out the event calendar in the Help Center to find out about our upcoming interviews.

February 19, 2025 At the beginning of each year, for the past 10 or more years, I am excited to get the invite from my friend Larry Gordon to make the trek to the University of Maryland to attend the annual, day long forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective. This […]

October 23, 2024 I received a call a while back from my good friend, Jim Rice, who wanted to introduce me to a company with whom he had been collaborating on a solution. Jim has a knack to be on top of the next big market wave – in this case it was zero trust […]

August 12, 2024 It seems that most of the emails, articles and webinar invites I receive lately have Gen AI and [in]security as part of the headlines. Also, I was reading some of the reports coming back from BlackHat and it seems those same headlines (and the Crowdstrike debacle) were the major items of interest. […]

July 19, 2024 I have been interested in network access control technology since my days working on trusted computing and high assurance platform initiatives for different government entities. And today, with network access control comprising a key element of the zero trust cyber architecture discussions, I can understand how such offerings from Forescout Technologies are […]

July 10, 2024 I like returning each year to the AFCEA Technet Cyber Conference as it always has a lively exhibit hall and interesting panels and discussions. It is also focused quite a bit on government issues and solutions, although not exclusively, as members of the IC, DoD, and other federal agencies provide their insights […]

July 8, 2024 I remember making the case for automated and continuous risk assessment many years ago when the NIST Risk Management Framework (RMF) was first being drafted and put through some public review processes. Back then, the main focus of the RMF was enterprise IT systems. And back then, there were no tools that […]

April 2, 2024 Software Bill of Materials (SBOMs) have been a hot ticket even before they were listed as a key initiative for secure software development practices in the National Cybersecurity Strategy of 2023. I started to track SBOMs progress when I heard a presentation by Alan Friedman, one of the early evangelists who was […]

February 29, 2024 One cybersecurity area that I tend to spotlight involves vulnerability management programs. From vulnerability discovery, disclosure, sharing, prioritization, and remediation, there are many different types of tools, processes, and programs that can be employed to manage this problem. One unique vulnerability management program that has evolved significantly over the years is bug […]
