Overview I think it's important to keep in touch with technology and maintain a hands-on perspective so that what you talk about is not just theoretical but practical and based on fact. As hardware becomes more and more abstracted and lab environments end up being in the cloud or within some virtual environment where you [...]
. Prompt Engineering is an essential skill for anyone working with Generative AI systems. Whether you're a developer, researcher, or just someone with a keen interest in AI, learning to communicate effectively with these systems can significantly improve the outcomes you're aiming for. This is generally the first rite of passage when interacting with LLMs. [...]
The pace at which generative AI is advancing and changing is a site to behold. I have immersed myself in it as much as possible. Multiple daily newsletters, video updates and how-to articles. Reviewing research papers, watching trending AI GitHub repos, listening to thought leaders, and trying to understand where we are, and where we [...]
Back in October of 2023, I was invited as a guest speaker at the ISC2 Global Security Congress in Nashville, Tennessee. However, that plan was thwarted at the last minute by American Airlines whom decided that an 18 hour layover in New York was just fine, and there were no other options to get there [...]
What is the Verizon DBIR? The Verizon Data Breach Investigations Report (DBIR) is an annual report that analyzes and presents data on cybersecurity incidents and data breaches. It is widely respected and closely followed in the cybersecurity industry due to its comprehensive and data-driven approach. The DBIR leverages data contributed by dozens of global organizations [...]
[Post 31 of 30] In this recap post, I am going to lay things bare. Some thing worked well and some things fell flat. And I mean completely bombed. The goal of this post is to show the insights I gained from this experience, and hopefully others can get some benefit from walking through the [...]
[Post 30 - 30 in 30] Effective cybersecurity management involves leveraging a variety of tools and resources. Three such tools, CVSS (Common Vulnerability Scoring System), EPSS (Exploit Prediction Scoring System), and CISA KEV (Known Exploited Vulnerabilities), are critical for identifying, assessing, and mitigating potential threats. Harnessing CVSS, EPSS, and CISA KEV The first tool, CVSS, [...]
[Post 29 - 30 in 30] Introduction The Cybersecurity and Infrastructure Security Agency (CISA) has updated its "#StopRansomware Guide" in May 2023. This guide is a treasure trove of strategies to combat ransomware attacks. But what does it contain, and how can you use it to protect your digital assets? Let's dive in and find [...]
[Post 28 - 30 in 30] As more and more cyber attacks occur, sometimes the threat actors can get lost in the news of the attacks that occur. This is more often the case as they dismantle operations or rename, or regroup. In this article I will discuss 3 relatively new threat actors, their origin [...]
[Post 27 - 30 in 30] As a cybersecurity professional, you understand the critical importance of continuous learning and staying ahead of the ever-evolving threat landscape. To further enhance your expertise and insights, we have curated a selection of 10 influential cybersecurity books written in the past decade. These books, authored by renowned experts, hackers, [...]
Designing Risk in IT Infrastructure 