Cybersecurity has a growing problem that will force an evolution in the industry — it must deliver more recognizable value!

Cybersecurity must re-envision itself to both protect and become an active contributor to the overarching business goals. Embra

There are many approaches to conduct a strategic cybersecurity risks assessment.  This is one of my favorite ways, using a Threat Agent Risk Assessment (TARA) methodology. 

This paper was authored by Tim Casey, David Houlding, and I while we were at I

Hackers are exploiting an un-patchable vulnerability (CVE-2023–2868) in Barracuda Email Security Gateway appliances. Barracuda has announced that customers should discontinue using the email security product or upgrade. Hackers are using multiple typ

In this Cybersecurity Vault episode, I talk with Roger Sels about cybersecurity resource efficiency and maximizing value. Roger is a longtime cybersecurity executive and co-founder of a startup that is focused on helping CISOs identify opportunities

I greatly appreciate being included in the “Top Cyber Security Experts & Influencers to Follow in 2023” list from WhizLabs!

This group of leaders is a driving force for cybersecurity education, evolving best practices, communicating emerging risks, an

People often assume the goal of perfect cybersecurity is to be impervious to attack. That is not true! In fact, it is about an optimal balance between competing goals and limitations such as costs, user friction, and acceptable risks.

Please click th

One of my cybersecurity predictions for 2023 is the rise of cyber Private Military Companies (PMC) to specialize in cyberattacks.

One of the most famous PMCs currently in the news is the Russian Wagner group that is fighting for Russia on the ground

The cyber attacks on LastPass continue to be more invasive and damaging to its customers. Numerous security failures and poor leadership decisions have undermined this cybersecurity company’s reputation and sent its customers scrambling to protect t

I had a great conversation with Marco Ciappelli and Sean Martin from ITSPmagazine Podcast discussing the mistakes and hard-learned lessons in cybersecurity!

They are such characters! A fun and informative discussion.

Podcast:  https://bluelava.io/cruci

You can’t insure, what you don’t understand.

The cybersecurity insurance industry is in a tumultuous period, with skyrocketing deductibles, new limitations, hidden assumptions, and suffering from a slew of lawsuits from customers. The market is hot, w

Has the CRYSTALS-Kyber encryption algorithm, one of 4 quantum resistant methods that NIST has recommended to replace legacy encryption, fallen even before it has been rolled out? 

There is news that researchers from the KTH Royal Institute of Technolo

Far too often we focus only on the doom-and-gloom of our industry. Let's take a moment to recognize how our efforts have made a difference in avoiding or minimizing the risks of cyber losses.

Please click the Like button if you found this insightful

Cybersecurity will face serious problems in 2023 as the economics between attackers and defenders will drastically shift in favor of those who conduct attacks.

Take a look at my 2022 predictions as a reference: https://medium.com/@matthew-rosenquist/t