Dr. Lee V. Mangold — CISSP

Cybersecurity, strategy, and building things that matter.

I'm Dr. Lee V. Mangold — a cybersecurity practitioner, strategist, and founder of OpenGRC. I write about security engineering, risk, and the strategic frameworks that keep organizations upright.

Read the blog About Lee →

Recent writing

All posts →

February 28, 2025 · Technology

Riding the AI Code Hype Train

I've been on the hype train before. (Flashback to the early days of Blockchain valuations) I've been a (mostly) quiet skeptic about the use of AI - specifically LLMs - for code generation. Anyone who

January 10, 2025 · Technology

OpenGRC - Coming in Q1-2025

The data management side of GRC is not a hard problem to solve. This is why, for many small companies, an Excel spreadsheet is the tool-of-choice. But, as Security professionals know (or quickly find

November 28, 2023 · Technology

Understanding And Applying A Software Bill Of Materials (SBOM)

"SBOM"—or "software bill of materials"—is one of the hottest new buzzwords in cybersecurity today, and for good reason. Each day brings new headlines about the latest supply chain

September 28, 2023 · Technology

“Password” Isn’t A Password, And Other Cybersecurity Mistakes

Every day we’re inundated with news reports about the latest high-profile hack or malware outbreak. We hear how companies get shut down or have to pay large sums of money just to get their own data ba

April 23, 2023 · Technology

Acceptable Use Policy Template

Many years ago I created an Acceptable Use Policy (AUP) template that was intended for use by my small business clients. I wanted a policy that was short, understandable, and written to be read (not j