Technology risk is straightforward, and well-understood. Cyber risk is elusive, confounding, and NOT well-understood. I could end my blog here, but I’ll add a bit more context.
Technology risks tend to be easy to get our minds around. These are relatively easy to identify and are typically immediately apparent when the risk is manifested as realities such as; power fluctua [...]Keep Reading
When you combine “Cyber” and “crucial,” automatically industries like Defense, Financial Services, and Airline Operations come to mind. However, when we shift our focus to Cyber Risk Analytics, things change a bit. Prepare to be surprised by these 3 industries where cyber risk analytics is top of mind for day-to-day operations.
Cyber is part of retail, no d [...]Keep Reading
This blog is the last in a three part series discussing how to solve the security risk puzzle. In this final blog, we will outline the critical capabilities required to solve the security risk puzzle.
Before we can define the critical capabilities required for solving the security risk puzzle, we first must define the key domains (or areas) that need to [...]Keep Reading
Below is a compilation of news articles covering some of the notable data breaches that occurred in May 2018. Doesn't this really put things into perspective?
Commonwealth Bank under fire again for data breach of 19m accounts - May 3
8.7 Billion Raw Identity Records on Surface, Deep and Dark Web in 2017 According to 4iQ 2018 Identity Breach Report - May 8
Card Breach [...]Keep Reading
Nehemiah Security partnered with MightyGuides to interview seven industry experts with the mission of advancing the risk management conversation among cyber professionals. Each interviewee was posed the question, “If your friend was put in charge of measuring cyber risk at their company, what advice would you give them?”
Suzie Smibert, CISO at Finning International, pr [...]Keep Reading
The introduction of the NIST cybersecurity framework 1.0 has been both expected and disruptive when it was first created in 2014. This framework has evolved the way many companies think about cybersecurity today. Many swear by it as well. This is why the release of NIST’s updated cybersecurity framework 1.1 is a pretty important event.
However, there are some limitations w [...]Keep Reading
Examining the Problem in Cyber
It is clear that limited resources are preventing cybersecurity professionals from doing their job well.
Spend 30 seconds at any cybersecurity presentation and you will hear an explosion of words like: smartphones, IoT devices, web servers, remote access to corporate networks, WiFi at your favorite coffee shop, web-based storage, etc. We are [...]Keep Reading
In this CyberTangent episode, we are joined by a very special guest, Jason Morris, CTO at Next Rev Technolgoies. At Nehemiah Security, our podcast host is Landon Johnson.
Today's topic is The Evolving Role of the CTO. Let's jump in!
Along with the rest of the cyber world, we recently returned from RSAC 2018 (RSA) in San Francisco. RSA is one of the biggest security conferences in the United States. It’s no mystery why every vendor scrambles to promote their company and make it stand out from the competition.
One tactic this year to attract attention seems to be to get weird. Here are some interesting, [...]Keep Reading
Below is a compilation of news articles covering some of the notable data breaches that occurred in April 2018. Doesn't this really put things into perspective?
Saks, Lord & Taylor hit by payment card data breach - April 3
Best Buy hit by 7.ai data breach, too - April 5
Panera Bread’s half-baked security - April 6
Data breach at military resort in Germany [...]Keep Reading