Executive Mistakes After a Data Breach

Dateline: January 12, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. We have a long way to go before we can be sure our data and systems are secure.  In the meantime, executives can take some comfort in knowing that many before them have had to made tough decisions to both protect and recover from sever cyber attacks.  Harvard Business Review … [Read more...]

The 10 IT Principles That Have Stood the Test of Time

Dateline: January 5, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. To start out the new year, we thought it would be interesting to think about how some things never change in the IT world.  A nice blog by CIO Magazine Columnist Bob Lewis reminds us that there are still some key principles that all IT strategic plans must follow.  In his … [Read more...]

Cybersecurity for Small Businesses

Dateline: December 29, 2017 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Small businesses have the same needs for cybersecurity as large businesses, but more often neglect doing the very basic actions that are needed, according to a recent article published by Tech News World.  Journalist David Jones published an article titled Small Companies … [Read more...]

Offensive and Defensive Cybersecurity

Dateline: October 27, 2017 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. The complexity of being cyber-resiliant can be overwhelming.  Knowing what to do, and how much is enough is difficult to figure out for almost everyone.  Recently author Michael Lewis, the CIO at Copper State published an opinion piece at Information Management about a … [Read more...]

Boards Are Interested in Cybersecurity Too

Dateline: September 29, 2017 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. With all the media attention focused on recent cyber events, it's no wonder our Boards are getting involved.  Certainly a catastrophic event such as Equifax experienced recently shows Board leaders that a large vulnerability might exist in their company.  Making sure these … [Read more...]

The Business Mindset of Cyber-Criminals

Dateline: July 21, 2017 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Cyber-criminals are organized, smart and well-funded.  If we think of cyber attacks as the 'service' of a 'well-organized business' then we can come up with strategies to 'compete' against it.  By compete, we mean become more cyber-resilient, not go into the cyber-crime business, … [Read more...]

Threat Hunting Needs Technology and People

Dateline: July 14, 2017 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Continuing on our theme of the organizational side of cybersecurity leadership, this week we look at threat hunting.  A blog titled Threat Hunting and the Pyramid of Pain (written by flOx2208, a "common human being wanting to share my knowledge and experience") suggests that … [Read more...]

Cybersecurity Basics

Dateline: July 7, 2017 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Next week I'm leading a session on building a cybersecurity culture at of the annual meeting of the Cybersecurity Consortium at MIT's Sloan School (Full disclosure: I am the Executive Director of the Consortium, you can learn more about (IC)3 activities and membership here).   In … [Read more...]

Changing Corporate Perception of Cybersecurity

Dateline: June 30, 2017 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. This past week a new ransomware cyber threat made its way through hundreds of computers.  While not surprising that another attack was launched, what was surprising is that NotPetya exploited the same vulnerability as WannaCry just a few weeks earlier.  It was successful because … [Read more...]

Cybersecurity is Not Just a Technical Problem

Dateline: June 23, 2017 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Getting our hands around cybersecurity is a top priority for many executives.  CIOs and CISOs understand cybersecurity is more than a technical problem to solve.  Other C-suite executives are quickly coming up to speed, understanding that being cyber-resiliant is the … [Read more...]