More love for the blog

Anyone who has tried to maintain a blog for awhile knows that the marathon of writing and focus needed to keep a blog fresh requires a great deal of sustained effort. Even so, six months between blog posts is a bit much. So I’m working on changing that. (Note, there are other posts on the blog from less than six months ago, but that’s because I’ve back posted some older articles.)


Containers under attack: What your app sec team needs to know

While containers bring the benefits of standardization, isolation, and the principle of least privilege to the development of cloud-based software, they can be a boon for attackers. Containerized applications don’t necessarily introduce any new vulnerabilities, but they do present additional attack vectors.


The Race to Build a Cybersecurity Workforce

Secureworks can’t hire cybersecurity pros fast enough. The Atlanta-based firm that helps 4,400 companies worldwide fend off cyberattacks has about 140 openings at more than a dozen locations globally. Yet filling those positions has become a grueling—and often impossible—task.


Major changes on the way

This year has been an exciting one so far. I’ve tackled a number of data-analysis projects, including investigating data on the cybersecurity workforce shortfall and a deep dive into the National Vulnerability Database.


Cite your sources

Digging into a data point that has minimal citation finds it is more three years older than expected and came from a completely different source.


Two decades

February 2017 marked a major anniversary for me: Two straight decades as a journalist and writer.