CISO Perspectives
CISO Blogs
Stagehand: S1 Episode 7
Keith and I left the scene like we found it: the two kidnappers dead on the floor, their shotgun up against the wall, and the rope used to tie up Carl Timmons sprawled out on the floor. We tipped off local law enforcement and were gone before they arrived, leaving no trace we were ever there.
Stagehand: S1 Episode 6
What Is Zero Trust Anyway?
The difference between the success and failure of a data classification program is a lack of action. The purpose of this blog post is to provide you with enough background and understanding to develop a plan. Here is a framework, something to develop into a plan and intelligently pitch to senior management. The following will give you the tools to persuade the required business leaders to implement a successful Data Classification program.
Why Bots Are the Next Big Thing in Account Takeover Fraud
Automated measuring of control effectiveness is a very good idea conceptually. Unfortunately, organisations can’t confidently say their controls are really deployed everywhere they’re expected.
When software reaches EOL, it means that program will no longer be supported by the developer and there will be no more updates. Without updates and bug fixes, this software becomes vulnerable to hackers and cyber criminals.
Stagehand: S1 Episode 5
CISO Interviews
Our Ransomware Panelists Answer Your Questions
A Conversation with Endre Walls – Part 2
In part 2 of this interview with Endre Jarraux Walls, EVP and CISO for Customers Bancorp and Customers Bank, Endre explains what CISOs and fire chiefs have in common and shares his views on zero trust. He has sage advice for anyone looking to get into cybersecurity, and for CISOs in their first 90 days on the job to ensure they have another 5,000.
Our Supply Chain Panelists Answer Your Questions
Alan Levine, CISO at Alcoa (retired) and Advisor; Jason Lewkowicz, Global CISO for Cognizant; Matthew Butkovic, Heinz College of Information Systems and Public Policy at Carnegie Mellon University; and Eris Symms, CISO for Arconic Corporation, collaborated to answer viewer questions from our latest webinar, “The Race to Secure Your Supply Chain”.
While most questions were addressed during the webinar, moderator Alan Levine subsequently provided additional insight. If you missed this webinar or would like to watch it again, you can view it below.
A Conversation with Endre Walls – Part 1
Endre Jarraux Walls is the Executive Vice President and CISO for Customers Bancorp and Customers Bank. His accolades include: a top 40 under 40 leader in the greater Philadelphia region, a top 10 global CISO, and an American Cyber Awards honoree. He received a BS in Information Technology from Capella University in Minnesota and an Accelerated Management Program Certificate from Yale University’s School of Management for Executive Education.
A Conversation with Greg Crabb – Part 3
In our third and final interview with Greg Crabb, the Virtual CISO and former CISO and Vice President for the United States Postal Service, he shares the changes he’s seen in cybersecurity during his career and what’s surprised him the most. Greg also explains the 4 C’s of innovation, what’s kept him active during the pandemic, and which family member plans to follow in his footsteps.
A Conversation with Greg Crabb – Part 2
In part 2 of this three-part interview, Greg Crabb, Virtual CISO and former CISO and Vice President for the United States Postal Service, discusses how he sees the CISO role evolving. Greg proposes a new title for CISOs, who he feels CISOs should report to, and outlines what a CISO should do in their first 90 days on the job. He also shares an interesting story about what event preceded him joining the US Postal Service.
CISO Panels
Global Trends and Predictions 2022
2021 was a year we would like to forget when it comes to cyberattacks. Cyber criminals honed their craft by tapping advanced attack models while dramatically expanding their impact with a long list of successful attacks on the software supply chain. This panel discussion focuses on cybersecurity trends that emerged in 2021 as well as predictions on what we are likely to see on the cybersecurity front in 2022.
Cybercriminals Are Watching You; Are You Watching Them?
Today’s cybersecurity platforms are much more robust than they were even just a couple of years ago in terms of network visibility and identifying risks. Some of this is by necessity. As a larger fraction of the global workforce now works from home, “zero trust” strategies have replaced on-premises controls, enabling organizations to protect sensitive assets while providing greater remote access.
3 CISOs Discuss How To Select the Right Cyber Insurance
Cyber insurance has changed drastically over the past decade. The days of justifying why your organization needs cyber insurance and demonstrating cyber-insurance ROI are a distant memory. In recent years, the discussion around cyber insurance has gone from a small back-room discussion between individuals to involving multiple departments. Cyber insurance is no longer seen as a nice to have—it’s a must have.
The Dramatic Evolution of Cyber Insurance
The Two Biggest Misconceptions About Zero Trust
“Zero Trust” is a term on the tip of every CISO’s tongue. However, certain misconceptions about zero trust continue to circulate in the cybersecurity community and into board rooms. CISOs in turn must educate their senior executives and directors on what the term means and doesn’t mean. For example, there is no such thing as a zero trust product. In addition, implementing zero trust does not make a system trusted. Identifying and dispelling these misconceptions is critical when deciding if a zero trust approach is right for your organization.
Zero Trust: Marketing Buzzword or Realistic Strategy?
Zero trust is not a new concept, but as times change, so too must cybersecurity strategies. The antiquated “trust but verify” model, for example, has proven insufficient. CISOs are now taking a secure by design approach. They don’t trust anyone or anything unless that trust happens through policy-based access control. Make sure people have access to what they need and only what they need, and not more than that. This approach makes sense given the heightened risk of unauthorized data access.
CISO Sillies
Can You Hear Me Now?
Since the global pandemic chased everyone indoors, Zoom web meetings have become the new normal. We will figure this out. Eventually.
Dirty Hands, Elephants, and ID10Ts – Oh My!
CISOs somehow maintain a sense of humor, despite the stress and frustration inherent in their jobs. And we’re all better for it.
Beware The CISO’s Wrath
CISOs have a lot of patience. Patience, however, is a virtue that can be tested from time to time. As the old saying goes, if you’re not a part of the solution…
How Dirty Is Your Supply Chain?
Managing vendors, partners and suppliers can be a dirty job. What do soap and your supply chain have in common?
In Zero We Trust
CISOs in higher education have a unique challenge. They must protect their network from hackers, like CISOs in other industries, but there’s a select group of people on college campuses that are even scarier than hackers…