Increasing Cybersecurity Requires Organizations to Collaborate

Dateline: April 13, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. It's becoming increasingly clear that one 'feature' of our business environment is making it possible for the cyber-criminals to be successful:  Our public and private organizations are hesitant to collaborate and work together.  Our competitive business ecosystem, regulations, … [Read more...]

GDPR as a Forcing Function for Things That Should Have Happened Already

Dateline: April 6, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. This week we saw new announcements of data breaches affecting millions of individuals.  Delta, Sears, and Under Armor all reported hacks that impact information privacy, highlighting the fact that for just about every company, the question is not "if" but "when" they are hacked.  … [Read more...]

No Silver Bullet to Cyber Security: It’s a Shared Responsibility

Dateline: March 30, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Recently we have focused on cybersecurity governance in this blog and this week, we share a thought about the broader executive responsibility for keeping our companies cybersafe.  Cybersecurity doesn't have a 'silver bullet' answer: keeping our organization secure requires a … [Read more...]

Cryptojacking Public Cloud Environments Becoming More Popular

Dateline: March 23, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Cybersecurity seems to be taking a new turn with the bad guys using our systems to mine their own cryptocurrencies, not just to hold us ransom or steal our data.  They are now stealing our cloud-based processing power and this is being called "cryptojacking".  Recently TechTarget … [Read more...]

Cybersecurity Governance a Priority for CISOs in 2018

Dateline: March 16, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. We have been focusing on cybersecurity management and leadership lately.  With increasing focus on breaches, attacks, and ransoms, it's clear that cybersecurity leaders are being stretched very thin.  Figuring out how to get ahead of these issues is paramount.  And it's more than … [Read more...]

People are the Hardest Part of Cybersecurity

Dateline: March 2, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Making a company cyber resilient is both a people and a technology problem.  Recently, TechTarget interviewed Alissa Johnson, the CISO of Xerox Corp.  In that interview, she was asked about the difficulty of managing these two critical components of cybersecurity. What is more … [Read more...]

Cyber Security vs Resilience: The Board’s Role

Dateline: February 23, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Cybersecurity is a business concern that must be addressed at every level of the organization.  To keep an organization secure requires awareness, understanding and actions by employees, managers and executives.   Increasingly Board of Directors are addressing cybersecurity … [Read more...]

Should You or Your Software Vendor Own The System’s Cybersecurity?

Dateline: February 9, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Many managers assume that the software they purchase from reputable vendors is cybersecure.  After all, our vendors know their software and their vulnerabilities, issue patches all the time, and stand to lose business and their reputation if it gets out that their software is … [Read more...]

The Count and Cybersecurity

Dateline: January 26, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. This week I'm teaching a short course at MIT on the managing and leading cybersecurity.  One key theme of this program is the importance of managing the people in the ecosystem since it's been observed over and over that the human risk is significant (and possibly much larger … [Read more...]

Balancing Innovation and Cybersecurity

Dateline: January 19, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Balancing innovation and cybersecurity can be a challenge.  Product design prioritization means that that difficult decisions have to be made about what to include in the design, and often cybersecurity is not above the cut line.  Recently, TechTarget interviewed Alissa … [Read more...]