Guest Post: $60M Question – How much does a cyber breach cost an organization?

There is no simple answer. When asked to quantify the cost of a breach, security experts will take one of two paths: they will 1) Choose to calculate the breach cost (which sends them down a complicated path), or 2)  Decline to calculate. Remember what happened to Lincolnshire County Council in the UK in 2016? At this time, 300 endpoints were infected resulting in four days [...]

Keep Reading

An Executive Level Steering Committee is Critical to CISO Success

Nehemiah Security partnered with MightyGuides to interview seven industry experts with the mission of advancing the risk management conversation among cyber professionals. Each interviewee was posed the question, “If your friend was put in charge of measuring cyber risk at their company, what advice would you give them?” Before making a case for security expenditures t [...]

Keep Reading

Cyber Risk Prioritization Framework: Part One

You may have heard of the book “7 Habits of Highly Effective People.” This 30 year old book written by Steven Covey lays out an approach to being effective in work and in life. For you “Covey nerds,” here is a refresher on the 7 Habits: 1) Be proactive 2) Begin with the end in mind 3) Put first thing first 4) Think win-win 5) Seek first to understand, th [...]

Keep Reading

To Quantify Cyber Risk, Assess Potential Loss Events

Nehemiah Security partnered with MightyGuides to interview seven industry experts with the mission of advancing the risk management conversation among cyber professionals. Each interviewee was posed the question, “If your friend was put in charge of measuring cyber risk at their company, what advice would you give them?” Vicky Ames, Director of Information Security at [...]

Keep Reading

CyberTangent – 10 Questions on Cyber Risk with Jerry Caponera

In this CyberTangent episode, we are joined by a very special guest, Jerry Caponera, VP of Cyber Risk Strategy at Nehemiah Security. Our podcast host is Landon Johnson. Today's topic is 10 Questions on Cyber Risk. Let's jump in!

Keep Reading

Cyber Risk: don’t wait to get fit before you work out

An Austrian trainer offered me great advice a while back. A client he was training complained about not being “good” at pull-ups. In his thick Austrian accent (think Arnold Schwarzenegger), his guidance was “get lighter, get stronger.” Makes sense. Later, I heard the same trainer in his same economy of words, describe why so many people hold a gym membership and never u [...]

Keep Reading

It’s Q3: Time to build your cyber budget for 2019!

Fast forward to 2019. Actually, scratch that, 2019 is already here. ESPECIALLY if you are budgeting. In that case, you are already under the 2019 gun. If you are involved in cyber budgeting, one of the challenges you will face is deciding how to prioritize the cybersecurity budget and communicate those priorities to the C-suite. In this blog, we discuss a new way of thinking [...]

Keep Reading

You must relate requests to concrete cyber risk problems you will solve

Nehemiah Security partnered with MightyGuides to interview seven industry experts with the mission of advancing the risk management conversation among cyber professionals. Each interviewee was posed the question, “If your friend was put in charge of measuring cyber risk at their company, what advice would you give them?” Richard Rushing, CISO at Motorola Mobility, stat [...]

Keep Reading

A Simple Strategy for Managing Cyber Risk – Pulling the Goalie

Do sports metaphors work for cybersecurity practices? Consider whether we can steal a best practice from hockey… As a lifelong and avid Washington Capitals fan, I took great delight watching the final game of the Stanley Cup playoffs. The Caps opponent, the Vegas Golden Knights, were down 3-2 with two minutes left. Desperate to tie the score, the Knights employed a common [...]

Keep Reading

We Need to Understand Cyber Risk and Make it Tangible

Nehemiah Security partnered with MightyGuides to interview seven industry experts with the mission of advancing the risk management conversation among cyber professionals. Each interviewee was posed the question, “If your friend was put in charge of measuring cyber risk at their company, what advice would you give them?” Heath Taylor, Director of Information Security C [...]

Keep Reading