The Need for Speed in Cybersecurity

The Need for Speed in Cybersecurity

Friday is my favorite day of the week. This is the day I set aside to connect with CISOs in Balbix’s advisory council, in our customer base, and in the broader industry. These are not selling sessions – instead they are about listening, introspecting, and brainstorming. My objective is to ... Read More
What Do White Chocolate Macadamia Nut Cookies Have to Do With Cybersecurity Posture?

What Do White Chocolate Macadamia Nut Cookies Have to Do With Cybersecurity Posture?

| | security posture
Picture this. You walk into the kitchen. On the counter, is a beautiful charcoal gray plate. And right in the center of the plate is a perfectly round cookie. You are tempted, of course. You reach for the cookie, take a bite, and close your eyes in anticipation of a ... Read More
Operationalize the NIST Cybersecurity Framework Without Pulling All Your Hair Out (Part 2 of 3)

Operationalize the NIST Cybersecurity Framework Without Pulling All Your Hair Out (Part 2 of 3)

| | security posture
This is the Part 2 of a 3-part blog on how to use the NIST cybersecurity framework without getting bogged down and lost in the minutia of the specification documents. Part 1 can be found here, and we recommend you read this piece first if you have not already done ... Read More
Operationalize the NIST Cybersecurity Framework Without Pulling All Your Hair Out (Part 2 of 3)

Operationalize the NIST Cybersecurity Framework Without Pulling All Your Hair Out (Part 2 of 3)

| | security posture
This is the Part 2 of a 3-part blog on how to use the NIST cybersecurity framework without getting bogged down and lost in the minutia of the specification documents. Part 1 can be found here, and we recommend you read this piece first if you have not already done ... Read More
7 Reasons to be Thankful for Your Cybersecurity Team

7 Reasons to be Thankful for Your Cybersecurity Team

| | cyber resilience
Enterprise cybersecurity teams do more than keep organizations safe. At its core, the information these folks secure is about people — customers, employees, partners. So, keeping organizations secure ultimately means securing people’s digital lives. Cybersecurity teams are usually only acknowledged when something goes wrong. Yet for every cyber breach, there ... Read More
7 Reasons to be Thankful for Your Cybersecurity Team

7 Reasons to be Thankful for Your Cybersecurity Team

| | cyber resilience
Enterprise cybersecurity teams do more than keep organizations safe. At its core, the information these folks secure is about people — customers, employees, partners. So, keeping organizations secure ultimately means securing people’s digital lives. Cybersecurity teams are usually only acknowledged when something goes wrong. Yet for every cyber breach, there ... Read More
Operationalize the NIST Cybersecurity Framework Without Pulling All Your Hair Out

Operationalize the NIST Cybersecurity Framework Without Pulling All Your Hair Out

If you are reading this, you may have decided to upgrade your ad-hoc cybersecurity program to be compliant with the NIST Cybersecurity Framework. Your CEO or audit committee might have asked about this, or perhaps one of your CISO-friends suggested this. First off, you should know that your cybersecurity program ... Read More
End that Zoom call and take a step back…

End that Zoom call and take a step back…

| | security posture
If you are the CISO of a mid-sized enterprise, end that zoom call and take a step back. You probably spent 60+ hrs in Zoom meetings this week. Your team has been working really hard over the last few months dealing with the change to a work-from-home workforce. Lots of ... Read More
The Big Lie in Threat Hunting

The Big Lie in Threat Hunting

Wikipedia defines cyber threat hunting as “the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.” In practice, this is a very manual process where trained “hunters” combine expertise in attacker behavior and techniques combined with a deep knowledge of ... Read More
The Big Lie in Threat Hunting

The Big Lie in Threat Hunting

Wikipedia defines cyber threat hunting as “the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.” In practice, this is a very manual process where trained “hunters” combine expertise in attacker behavior and techniques combined with a deep knowledge of ... Read More