Increasing Cybersecurity Requires Organizations to Collaborate

Dateline: April 13, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. It's becoming increasingly clear that one 'feature' of our business environment is making it possible for the cyber-criminals to be successful:  Our public and private organizations are hesitant to collaborate and work together.  Our competitive business ecosystem, regulations, … [Read more...]

No Silver Bullet to Cyber Security: It’s a Shared Responsibility

Dateline: March 30, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Recently we have focused on cybersecurity governance in this blog and this week, we share a thought about the broader executive responsibility for keeping our companies cybersafe.  Cybersecurity doesn't have a 'silver bullet' answer: keeping our organization secure requires a … [Read more...]

Cryptojacking Public Cloud Environments Becoming More Popular

Dateline: March 23, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Cybersecurity seems to be taking a new turn with the bad guys using our systems to mine their own cryptocurrencies, not just to hold us ransom or steal our data.  They are now stealing our cloud-based processing power and this is being called "cryptojacking".  Recently TechTarget … [Read more...]

People are the Hardest Part of Cybersecurity

Dateline: March 2, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Making a company cyber resilient is both a people and a technology problem.  Recently, TechTarget interviewed Alissa Johnson, the CISO of Xerox Corp.  In that interview, she was asked about the difficulty of managing these two critical components of cybersecurity. What is more … [Read more...]

Cyber Security vs Resilience: The Board’s Role

Dateline: February 23, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Cybersecurity is a business concern that must be addressed at every level of the organization.  To keep an organization secure requires awareness, understanding and actions by employees, managers and executives.   Increasingly Board of Directors are addressing cybersecurity … [Read more...]

Should You or Your Software Vendor Own The System’s Cybersecurity?

Dateline: February 9, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Many managers assume that the software they purchase from reputable vendors is cybersecure.  After all, our vendors know their software and their vulnerabilities, issue patches all the time, and stand to lose business and their reputation if it gets out that their software is … [Read more...]

The Count and Cybersecurity

Dateline: January 26, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. This week I'm teaching a short course at MIT on the managing and leading cybersecurity.  One key theme of this program is the importance of managing the people in the ecosystem since it's been observed over and over that the human risk is significant (and possibly much larger … [Read more...]

Balancing Innovation and Cybersecurity

Dateline: January 19, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Balancing innovation and cybersecurity can be a challenge.  Product design prioritization means that that difficult decisions have to be made about what to include in the design, and often cybersecurity is not above the cut line.  Recently, TechTarget interviewed Alissa … [Read more...]

Executive Mistakes After a Data Breach

Dateline: January 12, 2018 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. We have a long way to go before we can be sure our data and systems are secure.  In the meantime, executives can take some comfort in knowing that many before them have had to made tough decisions to both protect and recover from sever cyber attacks.  Harvard Business Review … [Read more...]

Cybersecurity for Small Businesses

Dateline: December 29, 2017 Welcome to our Friday WRAP – one thought-provoking idea to think about over the weekend. Small businesses have the same needs for cybersecurity as large businesses, but more often neglect doing the very basic actions that are needed, according to a recent article published by Tech News World.  Journalist David Jones published an article titled Small Companies … [Read more...]