IT Risk conversation

COSO and IT Risk Frameworks don't integrate well, and that is a problem

Community of Sponsoring Organizations, essentially the large audit/consulting firms are big propone...
Posted on 3/6/2014 11:09 AM by appolloconsulting | Comments (0)

Beware... the Chinese are coming... or should we say don't wait to install a telephone until you need to call 911.

So two things happened today. While talking about the need to get the business folks excited about ...
Posted on 3/7/2012 11:20 PM by appolloconsulting | Comments (0)

Constant drumbeat on security breaches is the wrong way to gain attention

IT Security industry does a great disservice to itself by constantly portraying itself as the great...
Posted on 3/5/2012 6:05 PM by appolloconsulting | Comments (1)

SQL Injection story is 14 years old and still the monster is far from being tamed

On March 1st, I was invited to speak at the CampIT conference on Enterprise Risk/Security Manageme...
Posted on 3/4/2012 4:17 PM by appolloconsulting | Comments (2)