Making Insurance Part of Your Enterprise Risk Management Program – Part Three

In this series, Grace Crickette provides C-Level executives a comprehensive overview of cyber insurance, while addressing business impacts and offering best practices for implementing a risk-management strategy that includes a cyber-liability policy. Part One Part Two Part Three: Risk Management and Insurance Basics Insurance and Risk Management Basics Insurance is just one tool in the Risk…

Details

Protecting the Republican National Convention – My Reflections

As the 2016 Republican and Democratic National Conventions are about to begin, Security Current has challenged me to reflect on an assignment I was given when I was an IT security executive at a major cable, telecommunications and Internet Service Provider. Over four years ago, I was given the opportunity to build from the ground…

Details

The Business of Security

More and more devices are being Internet-enabled daily. To securely drive an organization’s digital strategy, CISOs need to better understand business and new technologies across groups within the enterprise. It is critical to learn how to create value from their data, and understand technical capabilities for the whole business, not just in the IT domain,…

Details

Security: It’s Not the Speed that Kills

My friend Randy Marchany tweeted a link to an article “Millennials Value Speed Over Security, Says Survey”  that started me thinking about the apparent conflict between speed and security.  If you google “Agile software development,” you will see a Wikipedia page, which extensively covers the topic. “Agile software development is a set of principles for software development in…

Details

It’s the Data, Stupid

I was looking at Facebook the other day (yes, I know – a security guy that uses Facebook – just wait until you have grandkids and a scary message appeared at the top of the page. It was the 39 year anniversary of my employment at Columbia University. I have been working in IT for 39…

Details