Cyber Security – Bill Weber

NIST SP800-171Ar3

June 11, 2025

Did You Catch It? SP 800‑171A Rev. 3 Quietly Dropped in 2024 It snuck past me too—but yes, NIST officially released SP 800‑171A Revision…

Canadian CMMC (CPCSC) Launches

April 30, 2025

Alrighty, let’s have a wee look at the CPCSC launch—Canadian-style, eh? ? “Hold Onto Your Tuques, Hosers – The CPCSC Is Here!” ? O,…

Sign Here Please

March 17, 2023

Sometimes thoughts collide. So bear with me. What happens when you combine a Large Language Model AI (LLM AI) like ChatGPT, malware proof of…

One Control Catalog to Rule Them All

February 25, 2023

In my daily work as CISO, the team spends considerable time, effort and expense to ready ourselves for audits. Normally this means moving huge…

Your Password in Under an Hour

October 18, 2022

Any 8 character password in under an hour?

In 2011 I went back to school to get my MBA. Back then, the thinking was that if you want to speak to business people, it is best to understand their perspective. As a CISO, it has proven to be a very valuable lesson. However, more and more what I am hearing from executives are stories about cybersecurity, not the other way around.

Who Owns Cyber Security Risk?

July 5, 2022

As Chief Information Security Officers, we are often asked to resolve this question. After all, the CISO is responsible for the policies and capabilities of the cyber defense of the organization. But as organizations grow into their Cyber Security awareness, it is often the case that the individual lines of business begin to recognize that it is their bottom line that is impacted – both by good and bad security.

Is the Government behaving like a Startup

June 4, 2022

The Government Services Organization has a team of outsiders called 18F. It emerged from President Obama’s Presidential Innovation Fellows (PIF) program that brings outsiders into government to handle some of its most challenging problems. The team focused on this problem and believes it can get the 6 month process down to 30 days.

Is Crypto Economics about Fiat or Fluidity?

June 3, 2022

Crypto Coins have taken a recent tumble in the markets as traded against Fiat currencies, and it has caused a lot of noise about the future and value of the technology. So, let’s talk about the actual value of Block Chain and, more importantly, where this all must go from here.

What MITRE ATT&CK tells us about prioritizing mitigations

May 23, 2022

defenders use a framework like MITRE ATT&CK when attackers don’t?” The reality of this is that cyber criminals are lazy and only when the easy thing doesn’t work will they find more inventive ways to breach our defenses.