Is It Time for Your Organization to Form an AI Ethics Committee?
Do you need to set up an artificial intelligence ethics committee if you are using this technology? Google certainly thought it did — until it changed its mind. Of course Google is one...
7 Cloud Myths Debunked
Don't let misconceptions cast a shadow over your organization's ability to get the most out of the cloud. Here are 7 cloud myths that should be relegated to history.
Myths can be fun...
6 Hot IT Leadership Trends — and 6 Going Cold
As the CIO role becomes increasingly strategic, risk aversion and a results-oriented mindset take a backseat to increasingly influence and driving organizational change.
Cloudy With a Chance of Automation
Securing the cloud requires a different mindset than securing your on-prem infrastructure
Adventures in securing the cloud
As cloud operations become increasingly popular,...
Debunking the 5 Biggest DevOps Myths
Think you know everything about DevOps? Experts debunk five of the most common misconceptions.
"DevOps" is a term that gets thrown around a lot, but sometimes even seasoned software...
GDPR – Perspective from a Seasoned Auditor 3 Months in @ BoxWorks
This week, I had the privilege of sitting on a panel, with Crispen Maung, the chief compliance officer at Box along with Hendrik Reese, a senior manager and GDPR practice lead from...
Rolling the Dice on AI
Moving forward, I would like to see machine learning incorporated in to web application scanning, an area untouched by AI today.”
Crypto Currency Hacking Is Not About The Coin
Two weekends ago the South Korean cryptocurrency exchange Coinrail announced a hacking attempt on its website. With no more detail than a statement that said there was activity of a...
Could updated controls from NIST drive up cloud security costs?
Among the biggest complaints about the cloud security program known as the Federal Risk Authorization Management Program (FedRAMP) have been the cost for vendors and the time it takes...
The Wacky World of GRC
Few areas of technology are as contradictory as governance, risk and compliance. A company might do everything to be secure yet still not be in compliance.
“Keep It Simple” and Just Call Me SOC
You have probably seen blog articles circulating about the "new change" to SSAE 18, including Schellman’s article in Accounting Today. Yes, the new standard imposes some...
Auditing DevOps – Developers with Access to Production
DevOps, like Agile development before it, accents the continuous evolving state of software development, particularly in cloud-base software. Like any technology change, there is no surprise that...