Our Thinking

Jerry Holcombe

Recent Posts

If Patching Vulnerabilities Were so Easy Everyone Would Do It

Posted by Jerry Holcombe on Jan 11, 2017 10:42:25 AM

Patching – one of the surefire ways to help your organization mitigate the risk of being compromised due to software defects or security weaknesses. As security professionals, we’ve seen the gambit when it comes to patching, on one end of the spectrum there are organizations where half or more of their servers haven’t been patched in years and on the other end there are those where they validate build specs and spin up new servers multiple times a day.

Read More

Topics: Security

Have You Vetted Your Business Partners Lately?

Posted by Jerry Holcombe on Dec 20, 2016 10:43:52 AM

We’ve heard all the horror stories… Target, Jeep, Michael’s… and sadly, the list keeps growing. Third-Party risk management issues have been the talk of mainstream media for some time now. Who hasn't been personally impacted, or known someone who has had their personal data exposed? As security professionals, we are often asked to help organizations complete Third-Party risk assessments, but are the 800-question questionnaires actually helping mitigate risk? Would it be more beneficial to see the results of your Third-Party’s pen test? Let’s take a deeper dive and ask, how much scrutiny is ‘enough’?

Read More

Topics: Security

Do You Know Jack About Managing Cybersecurity Risk?

Posted by Jerry Holcombe on Apr 8, 2016 2:56:08 PM

I went to this year’s RSA Conference in San Francisco with the intention of learning more about risk management, which led me to select sessions called “Advancing Information Risk Practices,” “How Infosec Maturity Models are Missing the Point,” and “How to Measure Anything in Cybersecurity Risk.” While I was intrigued by all of the presenters, it was Jack Jones that drew me in. All three of the sessions, even if not presented by him, centered on his body of work and/or examples that supported his thinking.

Read More

Topics: Security

Going Long – A Tale of Two Passions: Business Transformation and Triathlon Training

Posted by Jerry Holcombe on Jul 28, 2014 3:14:36 AM

To the casual observer, when I'm training for triathlons, it may look like I’m just hard at play. However, that is when I do a lot of my deepest thinking and churning of thoughts. (What else are you gonna do with an hour staring at the bottom of a pool?!) One of my streams of thoughts was around some of the training activities I needed to do to prepare for my big triathlon this summer, and that many of the training concepts could also be applied to preparing for and implementing business transformation: What are my goals for this year? What is my current fitness level? Which skill area do I need to improve? Do I have the right equipment? Should I hire a coach this year? How am I going to stay injury-free? How am I going to stay focused on training among family, work, and everyday life?

Read More

Topics: Business Transformation

Our Thinking - The Online Blog is a source for insights, resources, best practices, and other useful content from our multi-disciplinary team of Onliners.

Subscribe to Blog Updates