Nick Deshpande
Solorigate, the ‘Pyramid of Pain’, and the Future of Mitigation: A Rapid Assessment
The most painful aspects to change within the attacker’s stack are those things the attacker cannot control.
4 min read · Dec 22, 2020

Nick Deshpande
A Short Guide to Hackathon Success
Time appreciation, asking the right questions, undigitize, scoping… a partial recipe for success
4 min read · Apr 2, 2019

Nick Deshpande
Lessons from the Equifax Data Breach Report
This month’s House Oversight & Government Committee report about the Equifax data breach is worthwhile reading for cybersecurity…
6 min read · Dec 18, 2018

Nick Deshpande
Continuous Improvement to Enterprise Risk Management: The Risk Register
I recently delivered a presentation to members of ISACA’s Toronto Chapter. I’ve taken the research and feedback from the talk to draft an…
8 min read · Apr 16, 2018

Nick Deshpande
Enterprise Remediation Continuous Improvement: The Risk Registry
A recent GAO report examines the maturity of 24 US Government departments’ security regimes. While subject to different standards and…
1 min read · Oct 5, 2017

Nick Deshpande
Evolutions in Authentication, Authorization, and Accountability: Exploring Zero Trust and…
Who are you, and what do you want?
6 min read · Jun 5, 2017

Nick Deshpande
FedRAMP and You
The Federal Risk and Authorization Management Program (FedRAMP) is a compliance regime to which cloud vendors (i.e. Cloud Service…
4 min read · May 29, 2017

Nick Deshpande
Effectively Combatting Bots in 2017
2017 marks the 10-year anniversary of Cisco’s declaration that “botnets are the primary security threat on the Internet today.” At the…
2 min read · Jan 17, 2017

Nick Deshpande
A View of Cyber Threat Intelligence
The business case for establishing a Cyber threat intelligence (CTI) capability is getting stronger in some sectors and verticals, and is…
2 min read · May 9, 2016