Product Announcement: Automate CIS Benchmarks
Balbix enables organizations to automate CIS Benchmarks to streamline compliance reporting and reduce their attack surface, achieving stronger security posture. Security teams and CISOs leverage CIS benchmarks for best practices and configuration recommendations to ensure they proactively harden their environments. Compliance with CIS benchmarks is also necessary for meeting internal ... Read More
UnFAIR: The Limitations of FAIR’s Risk Model
This is blog 2 of 3 in our FAIR model series. The limitations of FAIR’s data collection process are discussed in part 1 of this blog series. Building a lego design and quantifying cyber risk have essential characteristics in common. To construct a lego design, you start by collecting the ... Read More
UnFAIR: The Limitations of FAIR’s Approach to Data
This is blog 1 of 3 in our FAIR model series. Legos were a significant part of my childhood. They gave me countless hours of entertainment, but beyond that – they gave me some of my first exposure to understanding how building a model works. Before building any lego design, ... Read More
Patch Tuesday Update – Nov 2022
Well daylight savings time for much of the United States has arrived. Changing clocks is always a good reminder to do other maintenance like change your smoke alarm batteries, put in new air filters in your house, and yes, clean up your cybersecurity environment. It is the last of these ... Read More
Patch Tuesday Update – October 2022. Fixes for 13 critical vulnerabilities and 2 zero-days
October is here and you can “be-leaf” that there are plenty of new vulnerabilities to patch this month! The number of patched threats announced by Microsoft totals 84, including 13 deemed as Critical and two zero-days. There are also two previously known issues that have not yet been patched. The ... Read More
How to Present Cyber Risk in CFO-Speak
I recently spoke to two CFOs about how cyber risk quantification (CRQ), a method used to measure cyber risk in financial terms, is shifting business conversations around cybersecurity posture. Both business leaders shared their frustration: it is a huge challenge for security leaders to find common language with business stakeholders ... Read More
How to Present Cyber Risk in CFO-Speak
Do you find it challenging to have meaningful conversations with your organization’s senior executives and board members about cyber security risk? If you answered yes, it may be that you’re not speaking in terms that your CFO, CEO and board understand, or more importantly, care about. As a security leader, ... Read More
Step Into Reality, “Neo” CISO: Lessons from the Matrix
Next week is Oscar week and I can’t help but think of one of the most popular films to capture the essence of cybersecurity, The Matrix. The film has long been appreciated by security professionals for highlighting our current reality: digital transformation is opening our world to innovation but also ... Read More
4 Ways to Amp up the Women Power in Cybersecurity
While the number of women in cybersecurity has nearly doubled since 2013, it is still low when compared to other functions in the workplace.The cybersecurity industry needs to continue pushing for more women in the workplace. According to Forrester, the industry is projecting a staffing shortage of 1.8 million unfulfilled ... Read More
