Cybersecurity has a growing problem that will force an evolution in the industry — it must deliver more recognizable value!

The new SEC Rules establish a framework that requires rapid disclosure of material cybersecurity incidents (4 days), companies will need to be able to explain their cybersecurity posture to manage risks, and for boards to describe their oversight and expertise for cybersecurity. This is a major leap forward for securing…

The US National Cybersecurity Strategy Implementation Plan fails to address ransomware.

The recent HCA Healthcare data breach of 11 million patients’ data is shaping up to be another ugly incident where a company did not promptly communicate with its customers. HCA Healthcare is a large American healthcare services organization that covers 180 hospitals and over two thousand care centers across 20…

Check the calendar as Richard Stiennon and I discuss the forward-looking cybersecurity predictions for 2023 and beyond! With several…

There are many approaches to conduct a strategic cybersecurity risks assessment. This is one of my favorite ways, using a Threat Agent Risk…

Ever wonder what kinds of things happen when good-intentioned people try to manage cybersecurity? Well, in this case, a High School in Illinois responded to a system error by resetting every student’s password and then communicating it to all the parents. …

Cybersecurity Meetup with Richard Stiennon and Matthew Rosenquist The hottest topic of 2023 — Artificial Intelligence. Richard Stiennon and I discuss the relevance and how Large Language Models (LLMs), like ChatGPT, are adding innovation to the use of AI in the cybersecurity domain.

In this Cybersecurity Vault episode, I talk with the legendary cybersecurity metrics maestro Wade Baker about the challenges of measuring…