About
CurbRisk.com provides information, commentary, and news for enterprise information security professionals. Articles on this site are written primarily for people who work in large companies, but will often be relevant to information security professionals at other organizations.
Posts will appear generally once or twice per week, and will provide information about reducing risks, highlight interesting risks that the information security department should be aware of, and my observations on how to make security organizations more effective. Posts will be written to be useful to the staff and management of information security organizations, as well as others within IT departments, or other organizations that rely on technology.
In general, you won’t find highly technical ways to exploit vulnerabilities in technology systems. Where vulnerabilities represent a meaningful risk, you’ll find posts that can be shared with a CIO or others to explain the impact to the business.
About John Thompson
Information Security has always been somewhere between a passion and a hobby for me, although I began my career in application development. I spent ten years writing financial reporting applications, managing development teams, and studying how development teams work with security before moving to information security full-time. I currently work as a risk manager in the global information security department of a Very Large Company, and live in New Jersey with my wife and three kids.
Obligatory Disclaimer
This is my personal blog. The views and opinion presented on this blog are mine alone, and do not in any way reflect those of my employer.