Caffeinated Risk

The convergence buzzword has come and gone and some organizations have struggled to reap the benefits of physical and cyber security departments working in tandem toward common goals.  Michael Lashle…

Calgary was an ICS cyber hub before most knew such measures were  necessary, Terry Freestone was one of the ICT specialists from those early days who now applies his decades of hard-won knowledge  in…

Keeping up the accidental annual tradition Tim and Doug take a retrospective look at risk management as a mid-year pulse.  The 10th annual Cyberthreat Defense report forms the underlying theme but di…

One of the original authors of the ESRM framework, now in it's tenth year,  and Caffeinated Risk's first guest returns to discuss how data science is changing security and risk management.  While alc…

Threat modeling expert and inventor of one of the world's first attack tree modeling  products talks about how to integrate subject matter expertise into the risk equation, the answer may be surprisi…

Factor Analysis of Information Risk (FAIR) and Enterprise Security Risk Management (ESRM) took different evolutionary paths yet share a lot more commonality than catchy 4 letter acronyms and  mainstr…

 In addition to hybrid work and regular time in the office being the new normal, 2023 marks the year Caffeinated Risk's co-host Tim McCreight serves as the president of ASIS international.  ASIS has …

Realtors have long advocated  "location, location, location" as a path to investment  success. Fast forwarding  a few generations,  location intelligence applied to risk management is paying dividend…

A great discussion point that didn't make it to air from the original 2021. Not all data is of equal value to the organization and the viable shelf life is seldom tracked or even discussed.

This espr…

Communication isn't effective until the receiver understands the message well enough to take action. That pretty much sums up the challenge facing many risk professionals today, something Paul Mercer…

Co-author of the original book on Enterprise Security Risk Management, it only made sense to have Rachelle be the first Caffeinated Risk guest.  Like many guests, there was just too much material for…

Anyone with a bit of time in the security industry is well acquainted with Murphy's law but  crisis management specialists are who you call when things suddenly get very real.  While common security …

Recorded two days after the July 2022  nationwide telecom outage,  co-hosts Tim and Doug explore the deeper ramifications of losing access to the very services that are so tightly integrated into our…

Sooner or later every risk management professional faces the hard reality that comprehensive risk management programs can't be implemented on spreadsheets. A corporate vice president mandate, minus t…

Chief Information Security Officer Martin Dinel has all the same technology challenges of every other large organization. Placing Alberta in front of that CISO title brings the additional requirement…

Very few organizations, from three letter agencies to the local brew pub are not using cloud services to some degree and those previously resistant had no choice once Covid 19 hit. In 2022, with glob…

Acknowledged by IT World  Canada as one of the top 20 women in cyber, Cara  Wolf shares insights into the Canadian tech industry , the need for innovation and tactics for drawing senior leadership's …

The threat landscape is evolving, if your security controls are not, the outcome is all but assured.

In this episode Tim and Doug are joined by Canadian cyber security serial entrepreneur Ian Paterso…

A light hearted espresso shot with renowned information security writer Winn Schwartau and Tim McCreight discussing the serious and all too common problem of uncontrolled ingress and egress.

While the…

An espresso shot covering a great idea Dave Tyson originally shared in his book and discussed during  our 2021 interview on identifying where security can contribute to the business value chain and s…