Getting Started with RQ 2.7

What does getting started with RQ really look like? How long does it take to get fully implemented? This and many other questions may be circulating in your mind as you decide how to plan on moving forward with our tool if you just purchased it or what that engagement MIGHT look like if you are considering buying. In this blog, we want to walk you through an approximate timelin [...]


A New Strategy for CEOs on the Cybersecurity Battlefield: Part 1

Gartner’s new article, 8 Reasons More CEOs Will Be Fired Over Cybersecurity Incidents, sheds light on a handful of critical challenges CEOs have when managing cybersecurity. It is a compelling read, one that led me to wonder, does this have to be the reality? Is there something we can do to change this course? These are heavy, complex questions. And, they will be differ [...]


Guest Post: PCI Compliance history, status, and outlook

The Payment Card Industry-Data Security Standard (PCI DSS) has been around for many years. Regardless, we think it is worthwhile to review the history of PCI and explore current and future developments to better capitalize on the value-add of PCI.

PCI-DSS…a gleam in the eye of fraud mitigation

The PCI Compliance program began in the Payment Card Industry, which encompasses [...]


Definitive Guide to Cyber Risk Analytics: Chapter 1

In this chapter, you will:
• Understand why cyber risk is a business problem
• Recognize the challenges of communicating cyber risk
• See why cyber risk analytics is a business imperative

“If no mistakes have you made, yet losing you are, a different game you should play.” ― Yoda.

It’s a vicious cycle. Hacker motivations have risen to new levels and [...]


Understanding business priorities is key in justifying security spend

Nehemiah Security partnered with MightyGuides to interview seven industry experts with the mission of advancing the risk management conversation among cyber professionals. Each interviewee was posed the question, “If your friend was put in charge of measuring cyber risk at their company, what advice would you give them?” Genady Vishnevetsky (chief information security of [...]


Data Breach Report: February 2019

Below is a compilation of news articles covering some of the notable data breaches that occurred in February 2019. Doesn't this really put things into perspective?
• Houzz resets user passwords after data breach - Feb 1
• Parenting site Mumsnet hit by data breach - Feb 8
• Experts comment on Aus Parliament breach - Feb 11
• Major Security Breach Found in Hospital [...]


The High Cost of Doing Nothing

In business, the name of the game is to make hard choices with the hope that the decision made will pay off. IT is not exempt from these difficult decisions. Originally coined in 1992 to address quick and dirty coding in software development, technical debt has evolved to “reflect the implied costs of ad [...]


Why the CFO and CISO need to get along

Business exists as a system to capture and expand revenue. At the heart of this system is the relationship between the CFO and the CISO. The CFO is eager to remove all barriers to revenue. In many cases, removing those barriers makes the business harder for the CISO to protect. Success in the near future for businesses will be dictated in large part by the abilities of the CFO a [...]


Shifting cyber risk measurement from red, yellow, green to financially-quantified

The Cyber Traffic Light…If Only It Were That Easy. Red means Stop. Yellow means Caution. Green means Go. To millions of commuters, these definitions are obvious. I wish it were this simple in Cybersecurity, but it’s just not. Yet there are still a number of companies that are attempting to direct the traffic of their cyber messages to their Board of Directors using Red, [...]


To Quantify Cyber Risk, Assess Potential Loss Events

Nehemiah Security partnered with MightyGuides to interview seven industry experts with the mission of advancing the risk management conversation among cyber professionals. Each interviewee was posed the question, “If your friend was put in charge of measuring cyber risk at their company, what advice would you give them?” Vicky Ames, Director of Information Security at [...]
