BLOG

One of our organizational missions is to ensure that our Members are kept informed on the market trends that have a bearing on their organizations and their personal brands and careers. Here are several from a non-affiliated company, MCI Concordia. They advertise these trends... "The top 4 ...more

We want to call your attention to Jeff Burchill's great article in CFO magazine from July 7th 2015 that has a major long-term message for us as business people, not technologists. Here's the link to this article. Jeffrey A. Burchill is senior vice president of finance and chief financial officer ...more

I was at the zoo the other day and I saw an Australian black swan. Until I saw the swan myself, I believed all swans were white and that any sightings of black swans were anecdotal. Now I can say that not all swans are white. Before that day, no matter how many white swans I saw, I could not say ...more

Information and cyber security professionals need a good set of heuristics.  You do not always have the luxury or the data to do a full decision analysis or risk assessment, so sometimes you have to “satisfice” as Herbert A. Simon once wrote[i].  So you need a “rule of thumb,” a mental ...more

When I teach classes on governance, I ask the class if you were just made manager of something; security, change, problem or any of the COBIT processes, and you had a “greenfield,” what would you do first in the planning[i] phase?  I get wide-ranging answers but they usually start with fix ...more

If I asked you what is the antonym of fragile, I bet you would say something like resilient unless you have read Nassim Taleb[i]. But what is fragility and what does it have to do with cybersecurity? The definition of fragile is that it is easily broken.  You will find many articles on the ...more

You have probably heard the adage “hackers only need to get it right once, we need to get it right every time.”  Well you cannot truly expect perfection in your organization, but you can expect excellence.  You can expect your processes to be the best darn processes ...more

--Cyber Security as a Matter of Resilience (September 22, 2014) Experts say that the cyber security conversation is better served by focusing on resilience rather than on prevention. Adm. Michael Rogers, NSA Director and commander of US Cyber Command, said that the question is "How, in the midst ...more

SIFMA Publishes Recommendations for Effective Cybersecurity Regulatory Guidance   Release Date: October 20, 2014 Contact: Liz Pierce, 212.313.1173, lpierce@sifma.org          SIFMA Publishes Recommendations for Effective Cybersecurity Regulatory ...more