Home
Chris Ray
The 3 questions to ask during an cybersecurity interview
Interviewing, and being interviewed for that matter, can be a stressful event. If your like me, than it doesn't matter which side of the table your on. You approach this situation with the same focus and zeal you do a…
Chris Ray
Jan 11, 2022
An introduction to the Cryptocurrency Security Standard (CCSS)
The Cryptocurrency Security Standard (CCSS) Good morning everyone, today I bring to you a short post on a relatively new development in the crypto-cyber security world. First lets level set with everyone so we can understand why we are talking…
Chris Ray
Jan 8, 2022
Your guide to DeFi aka OPEN finance
If you think back to my introduction to Crypto, which is found here: https://infosecforhumans.com/crypto-for-humans-or-anyone-in-tech/ - You will remember that crypto is attractive because it is decentralized, not controlled by a central bank or government. This idea is…
Chris Ray
Jan 7, 2022
Crypto 101 for humans (or anyone in tech)
Hello crypto In this article I want to introduce some critical concepts for success in the crypto world. The ideas covered in this blog post are aimed at anyone who still feels like crypto just isn't for them, but they…
Chris Ray
Jan 6, 2022
Who should the CISO report to?
For my non-technical friends and people who are on the perimeter of tech (or even security for that matter), the question of who does the CISO report to is a not a question at all. They always espouse the standard…
Chris Ray
Jan 6, 2022
What is the Minimum Viable Secure Product (MVSP)? And why should I care?
What problem does it solve?The way we approach vendor risk management today is built around the concept of asking questions through questionnaires. The questionnaires are almost always a "one off" for each organization, which brings with them all the…
Chris Ray
Oct 28, 2021
MFA Factors: Knowledge
In the previous post we level set and I discussed how the CISA has classified "single" factor authentication (aka passwords alone) as a bad practice. We also reviewed at a high level what MFA is and the major components that…
Chris Ray
Oct 15, 2021
MFA: Types of factors
Recently CISA moved the use of a single factor (password for instance) into the category of "bad practices". Listen, its time! You should be adopting multifactor authentication (MFA) for everything. CISA moving 1FA onto the naughty list just made it…
Chris Ray
Sep 14, 2021
Types of security frameworks
If you are here, reading this than I can assume you have questions. Maybe you have just started your search and stumbled across this article, but it’s also just as likely you have been searching for a while and…
Chris Ray
Sep 9, 2021
The New CISO: What type of CISO are you?
Let me share a story with you...Picture this, an “executive” level meeting is called at a medium sized organization. The invitation included the CEO, CFO, CISO, COO, VP of IT, a Sr. Engineer from the technical team & the…
Chris Ray
Sep 2, 2021
The new CISO series: 3rd party risk
As a new CISO, even as an established CISO, you will always have to review and keep current your 3rd party & vendor risk assessments. These 3rd parties must offer a critical component to your organization, otherwise why do they…
Chris Ray
Aug 30, 2021
Do these 3 things today to level up your Security skills
I won't dilly dally, that's the point of this article...But I do want you to know where these ideas came from, it’s important to understand that these are not just pulled out of thin air. Instead, these are…
Chris Ray
Aug 20, 2021
Page 1 of 3
Older Posts