winter wonderland ottenleuebad – switzerland
Recently, we spent a weekend in a private hut close to Ottenleuebad, a small town in the mountains between Freiburg and Thun. Besides the amazing weather, which we really enjoyed, Ottenleuebad has a nature park close by, Gantrisch, which we used for daily activities.
Infosec Reading List – January 2021
On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports.
All InfoSec Reading Lists can be found here.
Infosec Reading List – December 2020
On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports.
All InfoSec Reading Lists can be found here.
Considerations before Firing Your CISO
You and I will get breached – one day – it’s just a question of time. This is what the security community calls the “assume breach” principle. To learn this mantra, we had to go through some pain: hundreds of data breaches at companies of all sizes over the last years and decades have demonstrated that it can and potentially will happen to everyone one day. Even worse – this can happen even to companies with strong security teams and budgets available. Strong infosec teams and culture will probably delay the breach but are no guarantee of ultimately preventing it.
And who is expected to prevent all this from happening: the CISO!
In this article I would like to discuss why firing your security executive (CISO/CSO) in case of a breach is not always the best step you should take. I will bring up some discussion points that raise the question of whether the problems could reside much deeper in your organization, and argue that making pawn sacrifices rarely resolves the problem completely.
This article has been sitting on my to-do list for some time and it’s far from perfect, since the discussion could go into much more detail – but I hope I’m able to convey the core points of my opinion.
Infosec Reading List – November 2020
On a monthly basis I will publish my reading recommendations which mainly focus on Information Security and Outdoor Sports.
All InfoSec Reading Lists can be found here.