People often assume the goal of perfect cybersecurity is to be impervious to attack. That is not true! In fact, it is about an optimal balance between competing goals and limitations such as costs, user friction, and acceptable risks.

Please click th

One of my cybersecurity predictions for 2023 is the rise of cyber Private Military Companies (PMC) to specialize in cyberattacks.

One of the most famous PMCs currently in the news is the Russian Wagner group that is fighting for Russia on the ground

The cyber attacks on LastPass continue to be more invasive and damaging to its customers. Numerous security failures and poor leadership decisions have undermined this cybersecurity company’s reputation and sent its customers scrambling to protect t

I had a great conversation with Marco Ciappelli and Sean Martin from ITSPmagazine Podcast discussing the mistakes and hard-learned lessons in cybersecurity!

They are such characters! A fun and informative discussion.

Podcast:  https://bluelava.io/cruci

You can’t insure, what you don’t understand.

The cybersecurity insurance industry is in a tumultuous period, with skyrocketing deductibles, new limitations, hidden assumptions, and suffering from a slew of lawsuits from customers. The market is hot, w

Has the CRYSTALS-Kyber encryption algorithm, one of 4 quantum resistant methods that NIST has recommended to replace legacy encryption, fallen even before it has been rolled out? 

There is news that researchers from the KTH Royal Institute of Technolo

Far too often we focus only on the doom-and-gloom of our industry. Let's take a moment to recognize how our efforts have made a difference in avoiding or minimizing the risks of cyber losses.

Please click the Like button if you found this insightful

Cybersecurity will face serious problems in 2023 as the economics between attackers and defenders will drastically shift in favor of those who conduct attacks.

Take a look at my 2022 predictions as a reference: https://medium.com/@matthew-rosenquist/t

CISOs are being asked to do more every year, putting increasing pressure on already stressed cybersecurity professionals!

Summary : 

The CISO role is becoming more complicated.

Let's look at three aspects quickly - first there is the ever increasi

The recent outage of the Federal Aviation Administration’s Notice to Air Missions (NOTAM) Pilot-Alert system, which triggered a 90 minute “ground stop” delayed over 9 thousand flights and was behind the cancelation of 1300, leaving countless flyers s

The Critical Infrastructure sectors, 16 in total that are the foundation of a country and economy to operate, are coming under more pressure from cyber-attacks. The trend will not subside because of who is behind these sinister attacks!

Subscribe to

In this episode of the Cybersecurity Vault, I talk with Malcolm Harkins (Chief Security & Trust Officer at Epiphany Systems) and Robb Reck (Chief Trust and Security Officer at Red Canary) for a deep dive exploration of why the role exists, and how it

I hope this nonsense does not escalate down this path, but as Russia continues to fail with their attempts to conquer Ukraine, Putin will become more desperate and want to lash-out at Ukraine’s biggest international supporters.  Cyberattacks are a gr

On Sept 15^th a curious teenage hacker looking for fun, compromised Uber in a serious way, gaining administrative access to the company’s massive cloud instance, development environments, tools, and even their access management server!  The hacker jok

As Putin’s war on Ukraine reveals stunning failures of Russian forces, the embarrassed leader becomes more desperate. This has ramifications on the overall global security of digitally connected systems, potentially affecting all of us.

In today’s pod

Peiter “Mudge” Zatko, head of security at Twitter and now whistleblower, was explicit as he testified to Congress about Twitter Security Flaws. Mudge outright accused Twitter executives of misleading the government, users, and shareholders regarding

As Ukraine makes significant gains over Russia as part of their counteroffensive, we must expect Putin to respond to the embarrassment in many petty ways, including leveraging cyberattacks against countries that have been supplying and supporting Ukr

Albania has expelled Iranian diplomats and severed diplomatic relations with Iran because of cyberattacks from the Iranian Intelligence Agency that targeted government services and websites. Such an icy diplomatic response has never happened before a