Modern cyber defenses increasingly need to be identity-centric. Many industry thought leaders have honed in on this giving rise to the often heard “identity is the new perimeter”. Consequently, attackers do indeed now find it easier to log in rather

Welcome to the March edition of CISO Platform Highlights – your quick snapshot of the most insightful content, expert conversations, and community updates from the world of cybersecurity leadership.

This month, we explored one of the industry's most

“Flickering screens, a sickly, yellow glow. Humming servers, a constant, low thrum of digital malaise. Alerts screamed into the void, a cacophony of meaningless noise, lost in the echoing expanse of our digital tomb. Playbooks, relics of a forgotten

Icarus, in Greek mythology, son of the inventor Daedalus who perished by flying too near the Sun with waxen wings. 

BALANCE

Throughout my career, I’ve had the opportunity to help many organizations out with operational, tactical, and strategic s

“COBIT is not about security!”

I have heard this statement being said a couple of times about COBIT and for a bunch of different certificates and certifications throughout my career. There is of course truth in this statement as COBIT is not explic

Businesses of all sizes, whether in the financial, transportation, retail, communications, entertainment, healthcare, or energy sectors, are impacted by cybersecurity. Cyberthreats are commonplace. Cyberattacks have increased in frequency and malicio

PAYMENT PAGE SECURITY; Navigating PCI DSS v4.0: Insights on Requirements 6.4.3 and 11.6.1

Interview with Ed Leavens, Founder and CEO of DataStealth

As the March 31, 2025 deadline for PCI DSS (Payment Card Industry Data Security Standard) v4.0complian

Cybersecurity is on the brink of significant transformation as we approach 2025, grappling with escalating complexities driven by advancements in technology, increasing geopolitical tensions, and the rapid adoption of AI and IoT. In this blog, I’m ex

Welcome to the Challenge: Governance, Risk & Security

A CISO’s world is never just about technology. It’s about governance, risk, and control. Without governance, security becomes a guessing game. Without risk management, threats remain unseen. A 30-

My former “colleagues” have written several serious pieces of research about why a SOC without humans will never happen (“Predict 2025: There Will Never Be an Autonomous SOC”, “The “Autonomous SOC” Is A Pipe Dream”, “Stop Trying To Take Humans

Imagine this. You’re standing in your kitchen, making toast. Suddenly, you hear a dripping sound. You glance at the sink and notice water pooling around the base. It’s not a flood—yet—but it could be. You investigate the source, tighten a loose pipe,

Unfortunately, I am old enough to remember how SIEM was done before the arrival of threat intelligence feeds. We had to write broad behavioral (well, “behavioral-ish”, if I am totally honest) rules without relying on any precise knowledge of attacker

The Cyber Threat Landscape for Small Businesses 

Small and medium-sized businesses (SMBs) face a rising tide of cyber threats, challenging the misconception that only large corporations are at risk. As cybercriminals increasingly target smaller organi

Mastering Your First 30 Days as a CISO: A Strategic Roadmap

Stepping into the role of Chief Information Security Officer (CISO) is no small feat. The first 30 days are a critical window where you establish credibility, align with business objectives,

The warrior Achilles is one of the great heroes of Greek mythology. According to legend, Achilles was extraordinarily strong, courageous and loyal, but he had one vulnerability–his “Achilles heel.” Homer’s epic poem the Iliad tells the story of his a

MYTH: A traditional story, especially one concerning the early history of a people or explaining some natural or social phenomenon, and typically involving supernatural beings or events.

Source: dictionary[.]cambridge[.]org

INGRESS

Security favo