Preparedness & Cyber Risk Reduction Part Five C: Operations-Based Exercises

As we continue in our series on Preparedness, and concluding this mini-series on exercises, in the section that follows, we’ll look at different types of operations-based exercises as we continue to explore some of the ways our fictional character, Johnny, and his colleagues at Acme Innovations can take a progressively challenging approach to exercise design… Read More

Preparedness & Cyber Risk Reduction Part Five B: Discussion-Based Exercises

Continuing our series on Preparedness, and this mini-series — exercises (see previous post for the intro to exercises) — this installment and the next build on our introduction, and in the section that follows we’ll look at different types of discussion-based exercises as we consider some of the ways our fictional character, Johnny, (introduced in… Read More

Preparedness & Cyber Risk Reduction Part Five A: Intro to Exercises

Returning to our ongoing series on Preparedness, this post addresses what is probably the most fun part of preparedness — exercises! A championship football team needs to be complete — with great linemen to fight in the trenches, defensive players to dominate their side of the ball, skills players and special teams to razzle and… Read More

Preparedness & Cyber Risk Reduction Part Four: Awareness and Operational Training

In our ongoing series on Preparedness & Cyber Risk Reduction, we’ve discussed an “Introduction to the Preparedness Cycle” and we’ve explored the topics of preparedness and operational planning, and organizing and equipping. In our sustained effort to reduce risk through proper preparedness, we’ll tackle the next critical step in the Preparedness Cycle — training. To… Read More

Preparedness & Cyber Risk Reduction Part Three: Organize & Equip

In Parts One and Two of this blog series, “Introduction to the Preparedness Cycle,” we took a general look at threats, risks and preparedness, as well as a slightly deeper look into planning — both preparedness and operational planning — to minimize the likelihood and impacts of the undesired threats that have the potential to… Read More

Preparedness & Cyber Risk Reduction Part Two: Preparedness and Operational Planning

In part one of this blog series, “Introduction to the Preparedness Cycle,” we took a general look at threats, risks, and preparedness. Recognizing that there will be undesired threats that develop into disruptions and other “unwanted outcomes” impacting our organizations’ people, information, operations, and/or facilities, we want to be ready and resilient — ideally preventing… Read More

Monitoring Your Digital Risk Footprint: Q&A with a Former CISO

The digital footprints of many organizations are expanding, and with that expansion comes more avenues of attack for cybercriminals to exploit. The past few years have seen organizations having to manage more devices, more social media channels, and more customer service features — in addition to the increased interconnection and sharing of data with partners, vendors,… Read More

Preparedness & Cyber Risk Reduction Part One: Introduction to the Preparedness Cycle

Bad things happen. Whether we’re dealing with our personal or professional business, life seems to always have a variety of bumps and obstacles that pop up in our path. We should anticipate that these disruptions will arise and prepare ourselves to move through them as successfully and efficiently as possible while minimizing the impacts the… Read More

Greater Interconnectivity Means a Greater Level of Presence and in Turn More Risk

Technology advances continue to push boundaries — remember when a phone was just a phone?! More “smart” devices, more interconnectivity between businesses and customers, businesses and suppliers, businesses and partners … all of this speeds transactions and the way business is conducted. Information is shared, items are purchased — all with the click of a button these… Read More

Talking Strategic, Operational and Tactical Threat Intelligence

Cyber threat intelligence has become increasingly popular over the past few years. With that rise comes a variety of questions around the different types of intelligence that is available and how that intelligence can be best implemented by organizations looking to mitigate their cyber risk. According to SurfWatch Labs chief security strategist Adam Meyer, there are… Read More