Risk-Based Security for Executives - Tagged - Security Boulevard

CEOs Will Be Personally Liable for Cyber-Physical Security Incidents by 2024

Digital attack attempts in industrial environments are on the rise. In February 2020, IBM X-Force reported that it had observed a 2,000% increase in the attempts by threat actors to target Industrial ...

Plights of the Round Table – Strategic Lessons from the Casino

In Part 1 of the Plights of the Round Table, the executive staff of Camelot was working on the strategic plan for the following year. Morgan, the CEO, needs to decide how ...

Plights of the Round Table – A Tale of Weighing Risk

Chapter 1 In an ornate boardroom, a group of executives gathered at a large round table for their annual strategic planning meeting. Morgan, the CEO, was surrounded by Lana, the VP of ...
Modern Skills For Modern CISOs

Modern Skills for Modern CISOs: Your Questions Answered

Sometimes your best intentions are thwarted by technology. That was the case when Thom Langford and I attempted to do a Q&A session after our webinar “Modern Skills for Modern CISOs.” Unfortunately, ...
BAE Systems Logo

The Language of Risk: Bridging the Disconnect between the C-Suite and Cyber Security Experts

With data breaches regularly marking the headlines, it is no surprise that digital threats constitute an increasingly significant concern for the C-Suite and cyber security experts. What is surprising, however, is that ...
Assessment of Business cybersecurity

Cybersecurity Hygiene: Not a Dirty Little Secret for Long

In October 2018, FICO (a consumer credit scoring specialist) began scoring the cybersecurity of companies based upon a scan of internet facing vulnerabilities. FICO grades companies using the same scoring that is ...

Cybersecurity Is Every Leader’s Job

Every organization is led by people who are responsible for setting the overall direction, establishing priorities, maintaining influence over organizational functions and mitigating risks. Given the wide range of organizational types across ...

Why You Need a Concrete Incident Response Plan (Not Strategy)

Recently, I had the privilege to be part of a four-person discussion panel at a security event in London where the topic was about incident response. The panel was hosted by another ...

Security vs. Compliance: What’s the Difference?

Security and compliance – a phrase often uttered in the same breath as if they are two sides of the same coin, two members of the same team or two great tastes ...

Redefining the Meaning of Operational Risk

The definition of “operational risk” is variable, but it generally covers the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. I, however, want ...