Julian CohenBreach Readiness FrameworkEvery organization is going to experience a breach. Be prepared.7 min read·Feb 5, 2024--1--1
Julian CohenData Governance FrameworkData Governance is the security team’s responsibility for understanding, identifying, inventorying, classifying, discovering, and…5 min read·Oct 19, 2023--1--1
Julian CohenSecurity Operations FrameworkSecurity Operations is the technology, controls, and processes that allow a security organization to be able to prevent, detect, and…8 min read·Apr 5, 2021----
Julian CohenAn Adversary’s Perspective: 2FABefore you turn on 2FA, think about it from an an adversary’s perspective.5 min read·Mar 10, 2021----
Julian CohenSeven Deadly Sins of Security TeamsWhen I talk to organizations and executives, I see the same security mistakes and misconceptions over and over. I see security leaders…5 min read·Jan 19, 2021--1--1
Julian CohenMature Controls at Any SizeIn this article I will describe a set of basic controls you can implement and scale that any size organization should have.4 min read·Jul 7, 2020--1--1
Julian CohenWhat You Need To Know About Cyber InsuranceMany organizations use cyber insurance to satisfy legal or regulatory requirements, as a financial risk mitigation, or as a last resort…5 min read·Jun 29, 2020----
Julian CohenAdversary-Based Risk AnalysisMost risk analysis is done by assessing potential impact and ease of an attack. This kind of risk analysis that’s done in the absence of…3 min read·Mar 25, 2020----
Julian CohenAdversary-Based Threat ModelingMost threat models start with attack surface or critical assets. Those threat models are useless and lead to bad decision-making. In this…5 min read·Dec 24, 2019--3--3
