Another new blog I wrote is up on the State of Security Blog exploring why Configuration Drift is a big risk - https://www.tripwire.com/state-of-security/catching-configuration-changes-data-exposure

Change management doesn’t have to be a “big bang project” – sometimes even the little steps towards improving change process can make a big difference, too. 

I've been around long enough to know that most outages are caused not by external threats, but by simple mistakes made internally - and the first question I'd asked when trying to troubleshoot an issue is "what's change" - little did I know then that I'd eventually work with companies to answer that very question every day at Tripwire!