BLOG

Cyber Acronyms and Alphabet Soup

February 22, 2017
One of our organizational missions is to ensure that our Members are kept informed on the market trends that have a bearing on their organizations and their personal brands and careers. Here are several from a non-affiliated company, MCI Concordia. They advertise these trends... "The top 4 ...more
Category: Cyber Security

Cyber Risk is an Iceberg

February 15, 2017
We want to call your attention to Jeff Burchill's great article in CFO magazine from July 7th 2015 that has a major long-term message for us as business people, not technologists. Here's the link to this article. Jeffrey A. Burchill is senior vice president of finance and chief financial officer ...more
Category: Cyber Security

The Business Case for Cybersecurity Insurance

June 10, 2016
I was at the zoo the other day and I saw an Australian black swan. Until I saw the swan myself, I believed all swans were white and that any sightings of black swans were anecdotal. Now I can say that not all swans are white. Before that day, no matter how many white swans I saw, I could not say ...more
Category: Cyber Security

The Need for Heuristics in Cybersecurity

June 09, 2016
Information and cyber security professionals need a good set of heuristics.  You do not always have the luxury or the data to do a full decision analysis or risk assessment, so sometimes you have to “satisfice” as Herbert A. Simon once wrote[i].  So you need a “rule of thumb,” a mental ...more
Category: Cyber Security

Architecture

June 09, 2016
When I teach classes on governance, I ask the class if you were just made manager of something; security, change, problem or any of the COBIT processes, and you had a “greenfield,” what would you do first in the planning[i] phase?  I get wide-ranging answers but they usually start with fix ...more
Category: Cyber Security

Agile is Fragile

June 09, 2016
If I asked you what is the antonym of fragile, I bet you would say something like resilient unless you have read Nassim Taleb[i]. But what is fragility and what does it have to do with cybersecurity? The definition of fragile is that it is easily broken.  You will find many articles on the ...more
Category: Cyber Security

Benchmarking Your Cybersecurity Program

June 09, 2016
You have probably heard the adage “hackers only need to get it right once, we need to get it right every time.”  Well you cannot truly expect perfection in your organization, but you can expect excellence.  You can expect your processes to be the best darn processes ...more
Category: Cyber Security

Cyber Security as a Matter of Resilience

March 30, 2016
--Cyber Security as a Matter of Resilience (September 22, 2014) Experts say that the cyber security conversation is better served by focusing on resilience rather than on prevention. Adm. Michael Rogers, NSA Director and commander of US Cyber Command, said that the question is "How, in the midst ...more
Category: Cyber Security

SIFMA Publishes Recommendations for Effective Cybersecurity Regulatory Guidance

March 30, 2016
SIFMA Publishes Recommendations for Effective Cybersecurity Regulatory Guidance   Release Date: October 20, 2014 Contact: Liz Pierce, 212.313.1173, lpierce@sifma.org          SIFMA Publishes Recommendations for Effective Cybersecurity Regulatory ...more
Category: Cyber Security