Making Infosec Jobs Easier: Keeping Systems Patched
This is post 3 in our ongoing blog series on making infosec jobs easier. The first post covered the job of improving overall security posture, the second talked about assessing and reporting on breach risk. In this post, we discuss the job of keeping systems patched. The uphill struggles of ... Read More
Making Infosec Jobs Easier: Improving Security Posture
About 6 months back, I entered the office to see the words “How can we help make your job easier?” written in bold letters on the giant whiteboard. “Is this a new program from HR?”, I thought to myself, but it soon became clear. This was a call to action ... Read More
4 Reasons Your IT Asset Inventory is Inaccurate
A less talked about facet of a CISO’s job is making tough calls and sometimes the toughest call that you can make is admitting that you have a problem – you don’t have an accurate count of your IT assets. At Balbix, we talk to dozens of CISOs every week ... Read More
3 Essential Tools for CISOs to Get the Job Done
As a CISO, you need to assess and report on your enterprise’s breach risk in a number of situations. You may be a new CISO trying to get a quick handle on what you have inherited and where to begin. Or you may be a seasoned pro who reports on ... Read More
How to Picture Your Enterprise Security Posture
Visual imagery is an effective way to understand and communicate both abstract and concrete concepts. For CISOs and enterprise security teams, the ability to visualize your security posture and then use that imagery effectively while communicating your security posture to the board and other executives is of immense importance ... Read More
6 Issues that Undermine Your Vulnerability Management Team’s Ability to Keep Systems Patched
One of the main jobs of a vulnerability management team is to keep all systems patched to safeguard your enterprise network and data. To do this effectively, you need to first know what systems you have, namely an inventory of your enterprise IT assets. Then you need to understand which ... Read More
Women CISOs to Watch
I recently interviewed three women leaders in cybersecurity on what it is like to be a female leader in this typically male-dominated field. The interview with Olivia Rose, Naomi Buckwalter, and Lisa Plaggemier was a starting point, providing insights on what characteristics and special talents women are able to bring ... Read More
One Tool to Rule Them All
If you were to take a 10,000 ft view of your organization’s current security posture, would you see Figure A or Figure B? ... Read More
It’s Time to Broaden the Definition of a Vulnerability
In a very informal, completely unscientific survey of 10 cybersecurity pros, I asked, “what is a security vulnerability?” 8 out of 10 folks responded with “a CVE”, one said “that’s a loaded question” and one wise person said “it’s anything that puts you at risk” ... Read More
Through the Decades: Security Innovation in Response to Threats
Growing sophistication in cyber threats have fueled the security industry to fight back with a variety of strategies and tactics. Dividing the last 3 decades into roughly three phases – the era of the early internet (1985-2000), the rise of mobile and cloud (2001 – 2015), and the age of ... Read More
