How to Engage with the C-Suite on Cyber Risk Management, Part 2: Qualify Threats and Prioritize Risks

Read part two of Chris Hodson's article about engaging the C-Suite on risk management on CSO Online: In our Part 1 article on delivering meaningful metrics to boards, I talked about the need to discuss security risks in ways that relate to board concerns. Many CISOs are reporting the wrong metrics to […]

How to engage with the C-Suite on cyber risk management

Read part one of Chris Hodson's article about engaging the C-Suite on risk management on CSO Online: Enron changed the world of finance and the energy industry forever, and the early days of the Equifax hack look as though this breach could change the face of the credit industry and cybersecurity forever. […]

Active Cyber Defense Will Help Deter Future Threats

Read Riley Walters’s article about how active cyber defense will help deter future threats on The Daily Signal: On Tuesday, a massive cyberattack hit Ukraine. The very next day, professor Scott Jasper of the Naval Postgraduate School offered a systematic analysis of the United States’ existing strategic cyber deterrence options, of which active cyber defense will […]

How should you respond to a data breach?

Read Ron Bush’s commentary about how companies should respond to a data breach on The Times: So on that less-than-cheery note, let’s begin with what to do if you suddenly discover you have experienced a data breach — a real probability. If you have discovered a breach, it is quite likely it is because […]

Why Marrying Infosec & Info Governance Boosts Security Capabilities

Read Paul Shomo’s article on how combining infosec with information governance can boost security capabilities on Dark Reading: Cybersecurity is an industry of espionage, crime markets, and cyber mercenaries reverse engineering the weapons of warring states. Perhaps these stories are so sensational that we’re focusing too much on the bad guys. Read his […]

Security Lessons From My Car Mechanic

Read how a car mechanic taught valuable lessons in cyber security to Adam Shostack on Dark Reading: I was in the shop the other day because my car was making strange noises, and the mechanic told me that the oil pan had come unlocked. It was going to be an easy fix, once they […]

Encryption Has Its Place But It Isn’t Foolproof

Read Doug Clare’s commentary about encryption on Dark Reading: Last year, an uncovered Snowden document from the US National Intelligence Council warned that the slow deployment of encryption and other technologies is putting government and private computers at risk of cyber attacks. Read his full article here.

Security Pros Must Join Forces to Combat the Internet of Evil Things

Read Dave Porcello’s commentary on why security pros should join forces to combat the Internet of Evil Things on Infosec Magazine: Vulnerable IoT devices and low-cost, plug-and-play cyber-espionage tools represent an emerging threat vector: the ‘internet of evil things’ (IoET). Dave Porcello argues infosec pros need to better understand this threat and collectively develop a standardized […]