All Articles

The Basics Never Change

Cybersecurity trends come and go. New threats emerge. Fancy tools promise magic solutions. But ask any seasoned threat hunter, and they’ll tell you—the fundamentals are what keep organizations safe. The problem? Too many peopl

Welcome to the Challenge: Governance, Risk & Security

A CISO’s world is never just about technology. It’s about governance, risk, and control. Without governance, security becomes a guessing game. Without risk management, threats remain unseen. A 30-

The rapidly evolving expectations of cybersecurity are pushing CISOs to adapt and demonstrate greater value to their organizations. This session explores the changing role of the CISO heading into 2025, strategies for managing increasing expectations

𝗜𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁 𝗗𝘆𝗻𝗮𝗺𝗶𝗰 𝗖𝗩𝗩𝘀
𝘈𝘵𝘵𝘦𝘯𝘵𝘪𝘰𝘯 𝘙𝘉𝘐: The Future of Secure Banking is Here –

In today’s digital-first world, credit and debit card frauds pose significant challenges to both consumers and financial institutions. As card transactions grow, so do the ris

Why spend the time, money, and resources on a security metrics program anyway? This section will review the Benefits of a Security Metrics Program 

A Lesson for Security Metrics from the Traffic Safety Industry 

Starting and maintaining an security

One of the most impressive hacks ever! Such tremendous sophistication is the hallmark of Nation State level attackers. Truly epic, but should you be worried?

Some say no, as the attack is not currently widespread.
I say we should all be concerned wi

Cybersecurity has a growing problem that will force an evolution in the industry — it must deliver more recognizable value!

Cybersecurity must re-envision itself to both protect and become an active contributor to the overarching business goals. Embra

Hackers are exploiting an un-patchable vulnerability (CVE-2023–2868) in Barracuda Email Security Gateway appliances. Barracuda has announced that customers should discontinue using the email security product or upgrade. Hackers are using multiple typ

In this Cybersecurity Vault episode, I talk with Roger Sels about cybersecurity resource efficiency and maximizing value. Roger is a longtime cybersecurity executive and co-founder of a startup that is focused on helping CISOs identify opportunities

People often assume the goal of perfect cybersecurity is to be impervious to attack. That is not true! In fact, it is about an optimal balance between competing goals and limitations such as costs, user friction, and acceptable risks.

Please click th

One of my cybersecurity predictions for 2023 is the rise of cyber Private Military Companies (PMC) to specialize in cyberattacks.

One of the most famous PMCs currently in the news is the Russian Wagner group that is fighting for Russia on the ground

The cyber attacks on LastPass continue to be more invasive and damaging to its customers. Numerous security failures and poor leadership decisions have undermined this cybersecurity company’s reputation and sent its customers scrambling to protect t

There are 3 things that LastPass customers need to know and do, to protect themselves from the recent encrypted vault breach! 

Consider this a community service video for LastPass users!

I hope this nonsense does not escalate down this path, but as Russia continues to fail with their attempts to conquer Ukraine, Putin will become more desperate and want to lash-out at Ukraine’s biggest international supporters.  Cyberattacks are a gr

On Sept 15^th a curious teenage hacker looking for fun, compromised Uber in a serious way, gaining administrative access to the company’s massive cloud instance, development environments, tools, and even their access management server!  The hacker jok

Delivering maximum value is a momentous challenge for cybersecurity organizations. It takes a decisive effort to organize and prioritize the proper goals that are meaningful to the business, and establish operational excellence to deliver effectivene