When a batter goes into a slump, he seeks help from a batting coach. The coach analyzes the player’s swing, identifies lapses in fundamentals, and calls attention to them. Hold your head steady and straight over your lead shoulder. Keep your hands back. Take a short step towards the mound. Drive the bat knob toward the ball. Roll your wrists. Swing through the ball. These core elements, when executed consistently, allow batters to swing for average and power. Notice the batting coach doesn’t try to reinvent the batter’s swing. He doesn’t recommend a right-handed batter try batting left-handed or encourage a singles hitter to start swinging for the fences.
The batting coach knows he can get a struggling batter out of a slump by stressing the fundamentals. CISOs have taken the same approach with employees who are now forced to work from home. Keep your eyes open for security gaps. Communicate those vulnerabilities. Maintain high standards of security from employees, peers, and partners. Ultimately, if we’re only in the third or fourth inning of this global pandemic, it’s important we maintain our focus. This advice will help not only the batter in the seven hole who gets fooled by the curveball but also the desk jockey who wants to click on a link or attachment.
CISO Street recently moderated a virtual CISO panel and asked panelists about their perspectives on several cybersecurity issues and trends. In this video, Christopher Rence, Chief Data, Compliance, Security and Risk Officer with EQ Holdings, Jake Margolis, CISO for the Metropolitan Water District of Southern California, Brent Lassi, CISO for Bluecore, and Eric Yancy, Information Security Officer for the City of Irving (TX) discuss the importance of fundamentals while working from home.