Cybersecurity Workforce Development: Real or Imagined Problem?

By Frederick Scholl | May 31, 2018 |

Yesterday DHS and the Commerce Department released their most recent workforce report “Supporting the Growth and Sustainment of the Nation’s Cybersecurity Workforce”.  The report was commissioned by the Trump administration in May 2017.  Having studied this issue from roles in academia, private industry and government, I thought I would share my thoughts on the report.…

Read More

Information Security Risks, Gray Rhinos and Black Swans

By Frederick Scholl | April 10, 2018 |

Information security over the past few years has been obsessed with zero-day vulnerabilities, hacking exploits, and headline-making mega breaches.   Every security risk manager is looking for the “unknown unknowns” that could result in untimely unemployment.  But is that the right approach?  One presentation and one book made me think otherwise. The presentation was Alex Stamos’s…

Read More

Cybersecurity Risk Management for Directors

By Frederick Scholl | December 1, 2017 |

There are many posts on corporate directors’ responsibilities toward the organizations where they are board members.  In fact, corporate directors themselves may be targets for hacktivists or cybercriminals and need to make sure they have adequate protection.  This protection should include both home and professional office.  Directors obviously will have access to sensitive insider information…

Read More

IS THERE A CYBERSECURITY PROFESSIONALS SHORTAGE?

By Frederick Scholl | January 10, 2017 |

There is no shortage of headlines stating the cybersecurity professionals shortage as a fact. For example, this one from Information Week. I have taught security at the graduate level, and can report that all my students found good jobs. But I get a little skeptical after reading all of these headlines from other industries: “The worker…

Read More