eaescob
-
My take on RSA 2023 and why buying security tech is so difficult Another year and another great RSA 2023. It was great catching up with new and familiar faces and learning from every conversation. I had an amazing time with Shomik from and Ed Sim from and Boldstart as well as new faces who…
-
Why trying to manage security risks by yourself is a mistake Far too many times I hear stories or comments from people dedicated to information security that nobody else cares about security, that they have a hard time getting other teams to respond to security issues, or cannot find a way to partner with other…
-
Looking ahead at what security will be in 2023 Start writing today. Use the button below to create your Substack and connect your publication with Emilio’s rants Start a Substack With another year starting, it is proper for me to jot down my security predictions for 2023. I understand there are plenty of them out…
-
Why considering people celebrities is a bad idea It has happened again, a heads up was given about a vulnerability in a widely used open source library (OpenSSL) was announced – For reference see their blog post. For historical context, OpenSSL is the biggest implementation of encryption functions and is widely used by common services…
-
Why focusing on trust & safety can lead to organic risk management Today, organizations are continuously looking for more agility and velocity. They all want to streamline their processes and become more effective at what makes them successful. This requires every department to be productive and move at the pace they can sustain while also…
-
Understanding that changes are living organisms within an organization Congratulations! You’ve been empowered by your current organization and you’ve decided that something is broken and needs changing. Hopefully you have selected the right timing for the change and understand the culture of your organization. If not, I highly recommend you stop right now and take…
-
At every security or technology conference, we get to witness the vast collection of security companies who are begging for your time and attention. Each and every one of them claims that they can solve some of your security problems without any official claim as to how effective such products will be for you. Security procurement…
-
Before I begin, I want to start with the caveat that my entire security leadership experience has been for technology companies (whether consumer technology or SaaS). That means that my perspectives will be different than those who have been involved with other industries (so pardon if this doesn’t fit what your opinion). Why I am…
-
Book Review: Agile Conversations: Transform your conversations, Transform your Culture — A book to pay attention to! Lately I have been spending a lot of time thinking about culture and what type of environment as a leader I naturally gravitate towards building for my teams. In a timely fashion, the folks from IT Revolution (publishers of the…
-
Unicorn Project: My Personal Review — A must read! I am honored and humbled to be asked to review Gene Kim’s latest book: The Unicorn Project. A bit of context, I’ve been a huge advocate for cross-team initiatives that include developers, product, operations, security, and the business to collaboratively work on solving problems. Being a security leader, I’ve…
My own thoughts 