All Articles

Brad LaPorte provides valuable insights into the current state of cybersecurity practices, emphasizing the need for organizations to embrace continuous security testing and proactive approaches to breach mitigation. He identifies five levels of ma

The speaker, a former army officer, reflects on their experience encountering nation-state cyber attacks early in their career. They describe the evolution of cybersecurity tactics, from traditional forensic methods to modern cloud-based and autom

The life of a cybersecurity professional is characterized by a constant battle against evolving threats and vulnerabilities. In today's complex and sophisticated landscape, there's no silver bullet solution to fix all our problems. Instead, we mus

In the realm of IT risk management, tagging applications in a consistent and standardized manner serves as a crucial foundation for effective asset classification. However, this process poses challenges, especially in terms of understanding the va

In an era marked by Shadow IT, hybrid working models, and rapid digitization, the landscape of cybersecurity is constantly evolving. With countless potential attack surfaces and vulnerabilities, organizations must prioritize understanding the unkn

As organizations grapple with escalating risks in the digital realm, the imperative for robust risk management has never been more pressing. In this era of increased scrutiny from regulators and stakeholders, businesses are compelled to demonstrat

In today's interconnected digital landscape, organizations face heightened risks that demand robust risk management strategies. With the proliferation of data breaches and regulatory scrutiny, the role of Chief Risk Officers, Privacy Officers, and

In the realm of risk communication, simplicity and clarity are paramount when conveying complex information to management or board members. While traditional models like the 5x5 matrix are widely used, some organizations opt for a more intuitive app

Effective communication of risks to management or board members is crucial for informed decision-making within organizations. One commonly used model for this purpose is the 5x5 matrix, which assesses risk based on likelihood and impact. While thi

Come join the ZeroTrust meet & expo on June 20^th-21^st in Stamford CT and listen to 35 renown speakers (well, 34 plus myself) across 8 business and technical tracks!  Luminaries like Vishal Amin, Ron Lear, Chase Cunningham (Dr. ZeroTrust himself!), Ge

In both the US and Canada, financial institutions face heightened regulatory demands, with regulators emphasizing the need for standardized cybersecurity practices and enhanced digital resilience. This blog explores the evolving regulatory landsca

The cybersecurity landscape is marred by challenges, compounded by a severe shortage of skilled professionals. As organizations strive to adhere to higher standards, combat increasing complexity, and defend against relentless cyber threats, the sc

The cybersecurity landscape is undergoing profound shifts, marked by the recognition that complete protection is unattainable. Instead, the focus has shifted towards detection, response, and remediation, epitomized by the XDR movement. In this blo

The cybersecurity landscape has undergone fundamental shifts, with attackers targeting organizations of all sizes and deploying continuous, sophisticated tactics. In response, the industry is witnessing a movement towards continuous defense strate

Cybersecurity isn't a one-time activity but a continuous effort that demands integration into every aspect of system design, build, and deployment. In a landscape rife with complexities and evolving threats, manual approaches are unsustainable. In

In an era marked by evolving cyber threats and stringent regulatory requirements, financial institutions face a daunting challenge in maintaining robust cybersecurity postures. Amidst talent shortages and escalating complexities, effective risk ma

Effective risk communication to management or board members is essential for informed decision-making. This clip explores various models and approaches for communicating risk, ranging from traditional methods to more visually-oriented techniques.