Archive for the “startups” category

Introducing Cyber Portfolio Management

by adam on February 21, 2017

At RSA’17, I spoke on “Security Leadership Lessons from the Dark Side.” Leading a security program is hard. Fortunately, we can learn a great deal from Sith lords, including Darth Vader and how he managed security strategy for the Empire. (…)

Read the rest of this entry »

A New Way to Tie Security to Business

by adam on June 20, 2016

As security professionals, sometimes the advice we get is to think about the security controls we deploy as some mix of “cloud access security brokerage” and “user and entity behavioral analytics” and “next generation endpoint protection.” We’re also supposed to (…)

Read the rest of this entry »

Sneak peeks at my new startup at RSA

by adam on February 18, 2016

Many executives have been trying to solve the problem of connecting security to the business, and we’re excited about what we’re building to serve this important and unmet need. If you present security with an image like the one above, (…)

Read the rest of this entry »

Seeking a technical leader for my new company

by adam on July 30, 2015

We have a new way to measure security effectiveness, and want someone who’ll drive to delivering the technology to customers, while building a great place for developers to ship and deploy important technology. We are very early in the building (…)

Read the rest of this entry »

Threat Modeling At a Startup

by adam on December 1, 2014

I’ve been threat modeling for a long time, and at Microsoft, had the lovely opportunity to put some rigor into not only threat modeling, but into threat modeling in a consistent, predictable, repeatable way. Because I did that work at (…)

Read the rest of this entry »