Rafal Los

Back in 2015 I wrote an article, right here in SecurityWeek, about process parity. It was a riff off the old adage "garbage in,...

More Cyber Security Tools Can Increase Cost, Increase Complexity, and Reduce an Organization's Ability to be Effective

One of the best comedic routines I've ever had the opportunity to hear is Louis C.K.'s "Everything's Amazing, Nobody's Happy" piece. He makes some...

Corporate boards used to care only about one thing - that your company didn't get breached on their watch. Those days, sadly, are behind...

 Striking a Balance Between Security and Flexibility is Crucial

If you’ve ever heard that Bob Dylan song, you’ll know what I’m talking about. As the music legend serenades you with his unique voice,...

Transparency is an interesting concept, especially for cyber security organizations. I say that as I recently experienced a complete lack of transparency – and...

Are You Accountable for Projects You Have No Authority Over? 

Security has never been about being ‘secure’ or ‘insecure’; I think we as an industry of professionals can broadly agree on this. What we...

In my previous column, I highlighted the incredible urgency around creating a strategy and executing on it—maniacally. Of course, it’s never that simple, is...

Even With Lower Capital Costs on Paper, the Cost of the “Fire, Ready, Aim" Approach is Reputation

After a particularly strange exchange with a new connection on LinkedIn I felt the need to write a post on my profile calling out...

The Williams Grand Prix Engineering team currently owns the record for the fastest pit stop in Formula One at 1.92 seconds. Think about that....

As a Security Professional, If You’re Not Having Your Work Peer Reviewed You’re Not Doing it Right.

I want to live in a world where security can be made simple. It’s that simplicity that’s inherent in business logic, technical designs and...

In cyber security, it feels like at least once a week there’s a news story that gets people spun up in a panic. While...

I’m often asked why I run a team entirely dedicated to researching, developing and implementing various program frameworks – when so many security organizations...

Passwords. The favorite topics of security pundits. This fundamental component of security is one of our favorite things to talk about, hypothesize about, and...

Distract Your Enemy While You’re Taking a Few Extra Moves to Kick Them Off the Board

I don’t know about you, but I’m rapidly closing in on twenty years in this industry. I’m blessed enough to have held a variety...