young coworkers working

Cloud

Security, UC&C, Cloud: Think of the Influence You Can Make This Year

“We always overestimate the change that will occur in the next two years and underestimate the change that will occur in the next 10. Don’t let yourself be lulled into inaction.” – Bill Gates  As an IT leader, you most likely can recall a moment—or moments—in time in which you have lost influence. Perhaps it […]

02.08.2017

Cybersecurity

Security

Why Reading This Will Not Raise Your Security Game

I absolutely love the fact that information assurance and security is such a hot topic. It makes me ecstatic to know that an area so critical to organizations in nearly every sector is becoming a more top-of-mind conversation. People are consuming content, going to conferences and getting inspired to take action. But the truth is, […]

02.07.2017

Data Protection

Security

Assumption of Breach Part IV – Technology

We have reached the end of the line! After discussing the importance of a robust defined security policy in my last blog entry, in this post I’ll be tackling the fourth and final foundational element in an effective security program—technology. Security technology can be broken down a number of different ways, but at Carousel, we […]

02.04.2017

State House in Providence, Rhode Island

Security

Cyber Security Q&A with Rhode Island Congressman Jim Langevin

Last year, I had the honor to accompany longtime friend and Rhode Island Congressman Jim Langevin to the State of the Union Address as his guest. Congressman Langevin was gracious enough to extend the invite due in large part to our shared passion for cyber security and workforce development. As co-chair of the Congressional Cybersecurity […]

02.02.2017

Risk Management

Security

How to Be a Risk-Ready CISO

Today’s information security leaders are quickly maturing into strategic business thinkers, growing beyond the traditional technical purpose of initiatives like implementing the latest firewalls or malware detection tools. The days of the CISO who is exclusively a highly-qualified network engineer have come to an end. Instead, the effective modern-day CISO has that strong technology foundation, […]

01.31.2017

Business People Planning Strategy Analysis Office Concept

Security

Assumption of Breach Part III—Policy and Process

In my last blog entry, I discussed the first of three foundational elements for a security program: all of the people who interact with your organization’s systems and data. In this post we’ll tackle the next element of cyber security—policy and process. For the purposes of this post, I am going to use these two […]

01.30.2017

Security concept with businessman and hacker hands on laptop keyboard.

Security

Assumption of Breach, Part II—The People Element

In the first installment of this series I discussed the need for organizations to change their approach to cyber security to an “assumption of breach model,” or an understanding that in today’s threat landscape, it is unrealistic to thwart 100 percent of malicious attacks. That previous post also mentioned that this new approach should focus […]

01.16.2017

Security

Understanding Adversary Intent

In the spirit of the first Presidential debate, I would like discuss the topic of cybersecurity, which was one of only a few words NBC moderator Lester Holt was able to squeeze in. Even though at times the debate seemed less like a diplomatic dispute and more like a drunken quarrel between two sports fans […]

10.18.2016

Security

Aligning IT and School Administrators for Security Success in Higher Education

A decade, or even a few years ago, cyber security issues would not have been on most university and college presidents’ minds. In this new world, however, where major American political parties and government agencies are being compromised, these educational leaders must be focused on protecting their institutions from malicious actors. Like leaders of large […]

06.23.2016