"If it bleeds, it leads..." We have a perverse fascination with autonomous vehicles, especially when they fail, and even more so when there is a fatality.
Security debt is the accumulation of the patches missed, the risks accepted, and the configurations misapplied. Many enterprise security problems arise when the bill comes due.
There is renewed interest in the zero trust security model as everyone tries to make sense of how to get better security through "no trust." CIOs and CISOs should be thinking about how this security model relates to their organizations.
Every supplier and third-party vendor has different behaviors, abilities and knowledge. Developing a personality profile for each supplier can help organizations decide how much effort they need to spend managing that relationship as part of an effective infosec and privacy assurance program.
Everyone has their own story about who they are and what they do. LinkedIn CISO Cory Scott describes how to use people's personal narratives to put together security teams that have a diverse set of skills, problem-solving, and experiences.