All Articles

People often assume the goal of perfect cybersecurity is to be impervious to attack. That is not true! In fact, it is about an optimal balance between competing goals and limitations such as costs, user friction, and acceptable risks.

Please click th

One of my cybersecurity predictions for 2023 is the rise of cyber Private Military Companies (PMC) to specialize in cyberattacks.

One of the most famous PMCs currently in the news is the Russian Wagner group that is fighting for Russia on the ground

The cyber attacks on LastPass continue to be more invasive and damaging to its customers. Numerous security failures and poor leadership decisions have undermined this cybersecurity company’s reputation and sent its customers scrambling to protect t

There are 3 things that LastPass customers need to know and do, to protect themselves from the recent encrypted vault breach! 

Consider this a community service video for LastPass users!

I hope this nonsense does not escalate down this path, but as Russia continues to fail with their attempts to conquer Ukraine, Putin will become more desperate and want to lash-out at Ukraine’s biggest international supporters.  Cyberattacks are a gr

On Sept 15^th a curious teenage hacker looking for fun, compromised Uber in a serious way, gaining administrative access to the company’s massive cloud instance, development environments, tools, and even their access management server!  The hacker jok

Delivering maximum value is a momentous challenge for cybersecurity organizations. It takes a decisive effort to organize and prioritize the proper goals that are meaningful to the business, and establish operational excellence to deliver effectivene

Firmware is the little-talked-about component of every digital device and computer system, that possesses tremendous control, and is now being targeted by cyber attackers.   In today’s Cybersecurity Insights podcast, I am talking with Scott Scheferma

I recently presented to a small group on why cybersecurity is becoming more difficult over time, despite all the money and effort that is being applied. Sharing a replay of the presentation where I discuss cybersecurity history, root causes, shifting

The cybersecurity industry had challenges with bringing in new blood and facilitating the career growth.  Misinformation has unfortunately played a part in making various roles appear unattainable, when we should be doing the opposite.  We should be

Recently introduced Ransomware and Financial Stability Act (H.R.5936) is the right direction for undermining ransomware attacks, by disallowing payments, but it just does not go far enough. This proposal only benefits traditional financial institutio

One of the greatest challenges for a cybersecurity leader is to convey the present digital risks upward to the c-suite and Board of Directors. Representing to executive leadership the value of security, which protects the organization’s assets, reput

The 2021 Front Lines cybersecurity conference brought together a panel to discuss the challenges faced by the industry with growing security threats and far too cybersecurity professionals to combat them. The “Closing the Cyber Skills Gap” panel feat

Industries must either take security, privacy, and safety seriously or find themselves burdened under the crushing blanket of regulatory oversight.

A recent announcement by the European Commission that the Radio Equipment Directive will be updated to

Once an abstract and futuristic concept, the cloud has now extended its very tangible tendrils into nearly all aspects of the modern enterprise. In fact, the abundance of cloud options that organizations enjoy today has become somewhat of a liability