This is a blog for me to think in public about the issues I find interesting in the world of information security and risk.  Topics will range from current vulnerabilities, malicious code, privacy, electronic discovery, and law.  I’ll also talk about information security and risk as a business function as opposed to a technical function.  As I cross deeper into the dark side of management, I understand the value in translating information security and risk into business terms and value.

Leave a Reply

%d bloggers like this: