A Simple Strategy for Managing Cyber Risk – Pulling the Goalie

Do sports metaphors work for cybersecurity practices? Consider whether we can steal a best practice from hockey… As a lifelong and avid Washington Capitals fan, I took great delight watching the final game of the Stanley Cup playoffs. The Caps opponent, the Vegas Golden Knights, were down 3-2 with two minutes left. Desperate to tie the score, the Knights employed a common [...]

Keep Reading

CyberTangent – A Deep Dive into Insider Threats with Grant Elliott

In this CyberTangent episode, we are joined by a very special guest, Grant Elliott, CEO of Ostendio ostendio.com/ At Nehemiah Security, our podcast host is Landon Johnson. Today's topic is A Deep Dive into Insider Threat. Let's jump in!

Keep Reading

Data Breach Report: July 2018

Below is a compilation of news articles covering some of the notable data breaches that occurred in July 2018. Doesn't this really put things into perspective? Adidas Breach Hits US Retail Site - July 2 Typeform data breach exposes users of many websites - July 2 Costa Coffee job applicants' details exposed in cyber attack on recruitment website - July 2 Weak Admin [...]

Keep Reading

We Need to Understand Cyber Risk and Make it Tangible

Nehemiah Security partnered with MightyGuides to interview seven industry experts with the mission of advancing the risk management conversation among cyber professionals. Each interviewee was posed the question, “If your friend was put in charge of measuring cyber risk at their company, what advice would you give them?” Heath Taylor, Director of Information Security C [...]

Keep Reading

2018 Cyber Risk Analytics Market Survey

As researchers, we devote our waking hours (and sometimes sleeping) to "finding the answer." The irony is, we constantly walk around with a ton of questions! These days at Nehemiah Security, many of our questions surround things like “What are companies doing to measure cyber risk?” This is where you come in. Introducing the 2018 Cyber Risk Analytics Market Survey. We [...]

Keep Reading

CyberTangent – The “R” in GRC with Vicky Ames

In this CyberTangent episode, we are joined by Vicky Ames, Director of Information Security at Marriott International. At Nehemiah Security, our podcast host is Landon Johnson. Today's topic is The "R" in GRC. Let's jump in!

Keep Reading

CyberTangent – The Problem with Vulnerability Patching with Kevin McLaughlin

In this CyberTangent episode, we are joined by a very special guest, Kevin McLaughlin, an expert with over 35 years of Law Enforcement, Corporate & Cyber Security experiences. At Nehemiah Security, our podcast host is Landon Johnson. Today's topic is The Problem with Vulnerability Patching. Let's jump in!

Keep Reading

DCRO Cyber Risk Governance—3 Things They Got Right, 2 Things Likely to Change Over Time

The DCRO (Directors and Chief Risk Officers group) recently published their Guiding Principles for Cyber Risk Governance. Their goal is to help assess the practices boards and C-level leaders use to manage cybersecurity. The article in PRWeb represents a valiant and important start to advance the commentary about this critical topic, one that is near and dear to our hearts.  W [...]

Keep Reading

Data Breach Report: June 2018

Below is a compilation of news articles covering some of the notable data breaches that occurred in June 2018. Doesn't this really put things into perspective? SS7 routing-protocol breach of US cellular carrier exposed customer data - June 1 MyHeritage Genealogy Site Announces Mega Breach Affecting 92 Million Accounts - June 5 Security consultants mop up after PageUp [...]

Keep Reading

In times of crisis, are the CISO and Board ready to deal?

A recent survey of Directors by NACD revealed the second most significant issue that will undermine their companies’ strategic objectives is a cyber-attack.  As both a security executive, and active advisory board member, my only surprise is that it’s not number one. I’m encouraged by the increased focus CISOs and Boards have been putting toward viewing cyber risk as [...]

Keep Reading