I’ve been trying to clean up my document repositories and found a talk I gave at RSAC back in 2016 that brought back some thoughts I’ve been having recently about cyber resilience and how to pull together a strategy to ensure a new CISO is focusing on the right things.
Perhaps I’ll weave some of this plus a lot of things I’ve learned over the past few years into a new talk for RSAC in 2023. For now, I hope someone finds this content somewhat useful.