Ben Sapiro | Posts

Draft Thoughts

Information Security Human 1.0. These thoughts are my own. I value Risk Pragmatism, Risk Management At Scale and ensuring we respect people's Time and give them Meaning in our risk processes.

2023

In a composable internet blocking doesn't work

Mar 5

2021

Heuristics and information asymmetry

Dec 27

Risk taking comes from information gaps

Dec 26

Start your MTTR timelines earlier

Nov 22

The most useful metric

Nov 21

Trust Doesn't Scale

Nov 4

Complexity Firewall

Nov 3

Process and Not Tools Will Secure the Digital Supply Chain

Jan 3

Assume the enemy knows the system

Jan 1

2020

Time(x) Servers

Dec 30

Misaligned Incentives in Vendor Security Assessments

Dec 29

The return of Investment for SUNBURST

Dec 24

Downstream Exposure / Upstream Breach

Dec 24

Thoughts on the SolarWinds breach

Dec 20

Externalities

Aug 3

Acceptable Risk

Jul 30

The One Risk Statement To Bind Them All

Jul 26

Customer Support Tools - Safeguarding Your Customers

Jul 19

Customer Support Tools - Trusting Your Vendor

Jul 19