Creating the Measuring Stick for Self-Awareness
Posted on: 13 Sep 2023
CISOs need to measure themselves to further develop their programs. Assessments help to make the case for the success of an existing program, while supplying the data necessary to get…
Why Aren’t There More Women in Cyber?
Posted on: 05 Sep 2023
There are a lot of women out there with tech backgrounds. So why aren’t there more women in cyber? I think it comes down to hiring practices, and which companies…
Resist the Impulse to Window Dress
Posted on: 30 Aug 2023
New rules published by the Securities and Exchange Commission require public companies to have someone responsible for cybersecurity. What worries me is that some companies are going to be handing…
Information Sharing for the Common Good
Posted on: 08 Aug 2023
As CISOs, we’re trained that when things happen to our organizations, it’s supposed to stay inside, close to the vest. I say we need to be more open about what’s…
You’re Setting Up Entry Level Hires to Fail If You Don’t Train Them
Posted on: 27 Jul 2023
Sticking with this topic of hiring entry level candidates, let’s talk about training. Companies will use entry level as a way to hire lower-cost resources to help them stretch their…
Five Ways to Mitigate the Risk of Large Breaches
Posted on: 20 Jul 2023
Big breaches are still happening, even if they’re not making headlines anymore. I’d like to identify five things we can do to mitigate the risk. 1) PEOPLE In a lot…
Entry-Level Hiring Strategies for CISOs
Posted on: 23 Jun 2023
I hear from entry level candidates that it’s impossible to find a job. And then I hear from employers that the quality of entry level candidates is not great. Part…
Show Your Value with an Executive Protection Program
Posted on: 05 Jun 2023
In an era of deep fakes and easy impersonation, it’s important for security officers to create an executive protection program. The program should apply to all of the company’s major…
Streamlining Security in a Product Shop
Posted on: 19 May 2023
Creating a strong security program in a product shop is tough. In a setting where quick movement and fast production is the key driver of revenue, security can feel like…
New Tech Isn’t Always Great, But It Tends to be Risky
Posted on: 25 Apr 2023
There are lots of examples of how the quick adoption of a technology can be quite dangerous when you haven’t dotted every “i” and crossed every “t.” Think about the…