There are two main strategies I use when I’m in the role of CISO: Make sure people know what’s expected of them. This includes written procedures, training, and periodic reminders…
Read More
By mitigate, I assume you mean a company experienced a data breach and now wants to prevent it from happening again. The first step is to make a preliminary mitigation…
In my last post, we discussed how the FTC used its powers in commerce to protect customers from cybersecurity threats. We specifically looked at the case FTC versus Wyndham Worldwide…
In this series of blog posts, I’ll be looking at the Federal Trade Commission (FTC) charges against companies in the area of cybersecurity practices that put consumers at risk. The…
A top concern is, “do I have a false sense of security?” In other words: Are all my controls working properly? Any malfunctions, like a door that doesn’t close all…
We’re continuing in our series of blog posts that cover some of the most common questions I get asked about cybersecurity. Here are the last few weeks of questions in…
People often ask me questions about cybersecurity. Over the next several weeks I’m going to share some of these questions here. Q: What should I look for when shopping for…
Fire, Flood, and Cybersecurity In some respects, cybersecurity is not that different than protecting your building against fire or flood. For instance, if you choose to construct a building on…
In recent weeks I’ve been talking about the millennial mobster and the reality that savvy international businesses make up the majority of cybercriminals. This blog post is the final week…
The Internet Age of Criminals In 2015 the global cost of cybersecurity failures was five hundred billion dollars. In 2018 the cost is expected to reach two trillion dollars. And,…