The Race to Secure Your Supply Chain

Cybercriminal Attack: Lessons Learned

Introducing CISO Blogs

This Is How All CISOs Should Build a Business Case

CISO Perspectives

A Conversation with Greg Crabb – Part 3

In our third and final interview with Greg Crabb, the Virtual CISO and former CISO and Vice President for the United States Postal Service, he shares the changes he’s seen in cybersecurity during his career and what’s surprised him the most. Greg also explains the 4 C’s of innovation, what’s kept him active during the pandemic, and which family member plans to follow in his footsteps.

A Conversation with Greg Crabb – Part 2

In part 2 of this three-part interview, Greg Crabb, Virtual CISO and former CISO and Vice President for the United States Postal Service, discusses how he sees the CISO role evolving. Greg proposes a new title for CISOs, who he feels CISOs should report to, and outlines what a CISO should do in their first 90 days on the job. He also shares an interesting story about what event preceded him joining the US Postal Service.

A Conversation with Greg Crabb – Part 1

Greg Crabb is a Virtual CISO and former CISO and Vice President for the United States Postal Service. He, in fact, is a third-generation postal employee. In part 1 of this interview, Greg shares how he got started in the cybersecurity industry 26 years ago, how to keep the business running without compromising security, and what ’80s movie inspired him to get into federal law enforcement.

Cyberattacks Are Changing How CISOs Secure the Supply Chain

Supply chain cyberattacks have increased dramatically since the start of the pandemic. To mitigate this risk, CISOs need a vendor risk management strategy that includes knowing which vendors have their data, what type of data they have, and where they store it. A defined patch management strategy also helps CISOs mitigate supply chain risk. If you receive a patch notification from a vendor, you should trust that it’s a good patch. You should, however, test that patch within a secure environment before releasing it into the network. In other words, adopt a trust-but-verify approach.

All CISOs Must Read This Before Returning to the Office

New challenges are coming to light as employees return to the office. One near-term challenge CISOs must be aware of is balancing a workforce in which some employees work in the office while others remain at home. Some employees fear their careers will stall if they continue to work from home, compared to their in-office coworkers who get daily face time with upper management. Will the fear of not being promoted outweigh the fear of returning to the office? Only time will tell.

This Investment Will Help CISOs Keep Their Jobs

In the words of renowned cybersecurity technologist and author Bruce Schneier, “Amateurs hack systems, professionals hack people.” Organizations must invest in employee security and awareness programs. Employees engaged in cybersecurity think about security and risk on a daily basis, but what about a frenetic office receptionist, busy ER nurse, or overworked lawyer? Recurring security awareness programs, on a quarterly basis for example, keep security at the forefront of employees’ minds and help mitigate the human errors that cost organizations millions and often CISOs their jobs.

Women in Cyber

A Conversation with Katie Arrington

In this interview, Ms. Arrington shares her view from the Pentagon of the pandemic and how the experience mirrors the terrorist attacks on 9/11. She also shares an interesting story about how she got her start in cybersecurity, how FaceTime, telehealth and food delivery apps have become essential services during COVID, and the surprising individuals who inspire her the most.

A Conversation with Theresa Payton

In this remarkable interview, Theresa talks about her conversation with “HackerX,” the subject of her recent book, and his role in the 2016 presidential election. She also outlines how organizations can prepare for a deepfake attack, and what 18 to 25-year-olds are getting wrong when it comes to spotting misinformation in the media.

A Conversation with Meredith Harper

Meredith Harper, Vice President and CISO for Eli Lilly and Company, is no stranger to the healthcare industry. In this fireside chat, Meredith discusses how Eli Lilly has maintained their company culture in the midst of the pandemic and how they’re addressing third-party risks. She also discusses how Eli Lilly addressed the recent social injustices, specifically diversity, equity and inclusion, as well as the role Miss Pac-Man plays in reducing her stress.

CISO BLOGS

Stagehand: Episode 2

Carl Timmons: CISO of Illuminating Solutions, a data analytics firm, forty-seven years old, never been married. Last Thursday, Carl arrived in San Jose on business. He was picked up by a company car and driven to The Manifeld Hotel. He was last seen leaving the hotel...

The Dark at the Top of the Stairs

Let’s say you need to apply a critical patch across the organization, and the patch requires a reboot. While forcing a reboot to apply a critical patch is important, it creates business disruption that ripples out to your customers. Sooner or later, someone in the...

The Risk of Banking

I just came off a big Zoom call with traditional bankers where they discussed changes in client behaviors, and the impact which new technologies bring, that fundamentally challenge today’s traditional European banking models. At the end of 2019, Boston...

Effective Board Communication for CISOs

Know Your Board: If you’re a CISO, your Board generally knows who you are and what you do. But do you know who they are? No Board is monolithic. Each Board member brings unique value to the Board. Each is selected for what they add to the Board’s perspective, vision,...

CISO Sillies

Can You Hear Me Now?

Since the global pandemic chased everyone indoors, Zoom web meetings have become the new normal. We will figure this out. Eventually.

Beware The CISO’s Wrath

CISOs have a lot of patience. Patience, however, is a virtue that can be tested from time to time. As the old saying goes, if you’re not a part of the solution…
