BLOG

Your trusted source for cybersecurity news, insights, and advice.

Changing the Private Equity Game

Ask your typical Private Equity executive how he or she evaluates and manages the financial performance of their portfolio, and you’ll almost certainly get a response along the lines of “We invest in companies that have solid assets, but not fulfilling their entire...

Cybersecurity Can’t Just Be about the Tech

“One of the areas where I think we’re having a lot of success is helping the tech individuals speak business. Before, they say, ‘…we’ve identified these five risks that are all red on my chart,’ which means nothing to a CFO or CEO. We’re putting a tool in their hands...

The Great Translator: The Power of Risk Quantification

One of the biggest obstacles to achieving cybersecurity maturity is a language barrier: security leaders speak tech, risk managers speak insurance, the legal team speaks contracts, CFOs speak ROI, and the C-suite and Boards of Directors speak duty of care and...

How to Avoid the Fake CEO Scam

The US Treasury recently reported that Business Email Compromise (BEC) scams, sometimes referred to as “fake CEO scams,” cost U.S. businesses an average of $300 million each month in 2018. These scams are on the rise; according to Trend Micro, the number of BEC...

A New Litmus Test for Board Directorships

Over the course of my career I’ve had the privilege to serve on numerous Boards of Directors of both public and private organizations. It’s a great honor to have the shareholders and stakeholders of an organization put trust in you, and fellow board members, to watch...

Making Sense of the NIST CSF

“Of course, the whole point of a Doomsday Machine is lost, if you keep it a secret!” (Dr. Strangelove)
The Framework for Improving Critical Infrastructure Cybersecurity (aka the NIST Cybersecurity Framework, aka the NIST CSF) offers security organizations a framework to...

Moody’s: The Cybersecurity Trifecta for Boards of Directors

Intent To Rate Cybersecurity Risk Is The Third Major Board Of Directors Wake-Up Call
The past 36 months have seen two significant developments that should have woken up Boards of Directors to their cybersecurity obligations. First, a spate of high-profile cyber events,...

Outrunning the Bear

A Cybersecurity Assessment Boards Actually Care About
Boards and executives are becoming increasingly involved in cybersecurity planning and strategy discussions. This is a marked improvement over the last decade, much of which is due to media-catching headlines and...