MUSINGS
CIRCIA Cyber Incident Reporting (2024)
CISA requested feedback on Cyber Incident Reporting for the Critical Infrastructure Act of 2022.
This page has a copy of the e-mail I sent to them.
NIST Cybersecurity Framework v2.0 Feedback
NIST requested feedback on version 2.0 of their Cybersecurity Framework in 2023. This page
has a copy of the e-mail I sent to them. It contains 270 control implementation examples.
Generative AI Risk Mitigation
Here are my recommendations to leverage the benefits of chatbots while mitigating the risks. Includes five risk scenarios and seven tips to reduce the risk of using chatbots in a work environment.
Supplements
I take a large number of pills at lunch. People ask about it. The list is included on
this page.
Individual First Aid Kit (IFAK)
Do you have a purpose-built first aid kit? It's a good practice to have a kit close by,
especially when traveling to remote areas. What you carry will depend on where you are
going, what activities are taking place and who is with you. This is what I carry.
San Antonio Haunts
This page is a great reference for friends or family about to come to San Antonio for a visit.
Here are my favorite things to do in San Antonio!!!
Federal Cyber Insurance
The Federal Insurance Office requested feedback on cyber insurance and catastrophic cyber
incidents. This page has a copy of the e-mail I sent to them. It contains five pages of
recommendations.
CIRCIA Cyber Incident Reporting (2022)
CISA requested feedback on Cyber Incident Reporting for the Critical Infrastructure Act of 2022.
This page has a copy of the e-mail I sent to them. It contains six pages of recommendations.
NIST CSF Enhancements
In 2022, NIST requested feedback on version 1.1 of their Cybersecurity Framework. This page
has a copy of the e-mail I sent to them. It contains 10 tips to enhance the NIST CSF,
including maturity levels and recommendations for 25 new controls.
New Braunfels Haunts
This page is a great reference for friends or family about to come to New Braunfels for a visit.
Here are my favorite things to do in New Braunfels!!!
Fires Burn Underground
Leaders please take notice. Hostile nation states, criminal enterprises and insider threat
will not provide courtesy. It's necessary to identify and mitigate cybersecurity risk, to
have appropriate safeguards in place.
vCISOs as Partners
Leaders, please consider Virtual Chief Information Security Officers (vCISOs) as your
partners. vCISOs are in high demand so business development not a consuming motivation.
Give Us The News Quickly, Now!
It’s time for a new format for news programs. The average adult consumes information at
a rapid pace, reading 100 or more e-mail in a typical work day.
Austin Haunts
This page is a great reference for friends or family about to come to Austin for a visit.
Here are my favorite things to do in Austin!!!
RSA is Near, Courtesy to Vendors
The quote "Always be closing" is a mantra for sales professionals. With that in mind, here are tips in preparation for the
RSA conference.
Preparing for the RSA Security Conference
The greatest values of the RSA conference are knowledge gained from the sessions, exposure to emerging security technologies
on the expo floor, catching up with colleagues and making new connections. You need to prepare well in advance to make the
most of the conference and after-hours activities.