Posts

Some posts I wrote. Ideas and opinions mostly.

I write some posts from time to time. A mixed bag of notes, ideas, opinions and reflections. I enjoy sharing my thoughts on security, privacy, and whatever else catches my interest.

Please don't hesitate to explore and engage with any posts that resonate with you. I’m mostly active on LinkedIn at https://www.linkedin.com/in/olivierreuland/.

$Cover image for CISO vs vCISO vs fractional CISO$
CISO vs vCISO vs fractional CISO
CISO, vCISO, fractional CISO and more options to lead your information security practice.
privacysecurityrisk
People, Process and Technology
Security is not just about technology.
securityprivacy
Enable MFA everywhere
How to enable multi-factor-authentication (MFA) on your accounts?
securityMFA
How do you pronounce CISO?
Do you pronounce it CISO, CISO or CISO?
Let security updates flow
Don't bundle security updates and large software releases together.
securityopinion
IPSIE is great news
The new Interoperability Profiling for Secure Identity in the Enterprise (IPSIE) Working Group is great news for security.
securitynews
SOC2 vs ISO 27001
SOC2 and ISO 27001 are two important security compliance standards that serve different but complementary purposes. But which one is best for you?
securityprivacy
Use separate browser profiles
Using separate browser profiles is a quick and easy way to increase your security and privacy.
securityprivacy
Browser extensions
Are browser extensions the new macros?
securityprivacy
Adding AI to your SaaS - Security Risks and Opportunities
Using a new AI solution is no different to using any other 3rd party solution, with a few additional and important considerations.
privacysecurityrisk
When do you need to think about security and privacy?
As a startup founder or leadership team, when is a good time to think about security and privacy?
privacysecurityrisk
Unforgivable vulnerabilities
Vulnerabilities are not all born equal. Some are 'forgivable' and others are 'unforgivable', depending on the ease of implementing mitigations.
security
Reporting Vulnerabilities
How to report vulnerabilities and get them fixed?
security
Is vibe-coding safe?
Is vibe-coding safe? And what can you do to protect yourself?
securityrisk
Pro Bono Work
Helping charities fighting off the bad guys.
privacysecuritypro-bono
Does password complexity matter?
Does password complexity really matter? And if not, what does?
securityMFA
Data vs. Information vs. Knowledge vs. Wisdom
Get some value out of these 1's and 0's.
privacysecurity
Admin and devs are great targets
As we're getting better at protecting systems and accounts, attackers are moving to targeting admins and devs through the tools they use.
securityMFA
Information Security vs. Cyber Security vs. Privacy
The differences and overlaps of these three practices.
privacysecurity
MFA on shared accounts
Adding MFA to shared accounts is possible and recommended for most threat profiles.
securityMFA