Cyber-risk Reporting
3 Questions Your Board Has About Cybersecurity
Let’s get straight to the point. The main question your board has is, “Are we secure?” As you know, that is an overly simplified and arguably unanswerable question ...
6 Challenges New CISOs Face in Assessing Breach Risk
Week 2 at the new gig as CISO of the hot company you've had your eye on for quite some time. No immediate red flags yet. Your team seems awesome, you're ready ...
How to Talk to Senior Executives About Cybersecurity
There will always be subjects that we need others to explain to us like we are five years old. Quantum Physics. Super PACs. The Flux Capacitor. For most board members and c-suite ...
Improving Your Security Posture in 3 Easy Steps
Security posture, which is the aggregate security status of all assets in your organization, has an inverse relationship with cybersecurity risk. If you strengthen your security posture, you reduce overall risk. Sounds ...
The Evolution of Threat Hunting
Wikipedia defines cyber threat hunting as “the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.” In practice, this is a very ...
An open conversation about cyber-risk reporting to the BOD
A few days ago, I had the privilege of moderating a boardroom discussion of CISOs at the Evanta Dallas CISO Summit on the topic of Cyber-Risk Reporting for the Board. Evanta’s boardroom ...
50 Shades of Gray in Cybersecurity
Nearly 90% of data breaches happen because of poor cybersecurity posture. Unfortunately, a strong cybersecurity posture is not necessarily a function of dollars invested or the number of tools deployed. Organizations struggle ...
Quantifying cyber-risk for your BoD and c-suite colleagues
How should you report on your organization's cybersecurity posture to your board of directors and C-suite colleagues? As you know very well, your board members’ and senior executives view of cybersecurity is ...
