cyber security

Chief Information Security Officer (CISO)Information security has become quite a popular topic with board members over the years. The advancement of the Internet and social media has helped companies in many ways, however it has also caused them to be more cautious when it comes to cyber security. No company wants to be the next big name that makes the news because they were breached. The role as Chief Information Security Officer (CISO) has never been more important. Read Full Post

CISO Discussing Cybersecurity

Consider this, controls are for auditors, processes are for managers. As someone who has been issuing guidance and helping companies to improve upon their information security for the past 17 years I’ve concluded the industry approach to information security is too narrow. Often times tools are purchased as a reaction to the latest threat or worse, a socially cool trend. To truly operationalize security, information security practitioners, particularly leaders (CISO’s), must focus on how to manage the security program, both data security and cyber security, based on performance of processes. Read Full Post

Controls are for Auditors, Processes are for Managers

Cyber risk assessment and managementIf you’re a business owner you likely have a million “hats” to wear on a daily basis. You probably handle sales, marketing, customer service, IT, payroll and many other tasks. This is simply the price of running your own business. While the benefits of being your own boss are often worth it, running your own business is hard work. One area that often gets overlooked is data security. Read Full Post

Best Practices for Cyber Data Security