Legal Anatomy of California’s First CCPA Settlement – Learn California’s Definition of a Sale of Personal Information
Despite the AG notifying Sephora of alleged CCPA violations, Sephora failed to cure those violations within the 30-day cure period currently allowed under the CCPA.
The Need for Cybersecurity Experts
In the modern cyber landscape, everyone is a target and every business needs to defend itself against cyber threats.
Knowing You Have a Problem is a Good Start
Discover how a restaurant chain’s cybersecurity gap led to a costly malware attack. Learn key vulnerabilities and steps to avoid massive legal fallout.
Worldwide Threat Assessment
Discover why the U.S. needs a ‘New Manhattan Project’ for cybersecurity. Learn about rising threats from global adversaries and the urgent call for action.
Marauding Through the Shadows
As we have been trying to point out this week and last, the cloud, as an opportunity gateway for cybercrime and broad vulnerability exploitation, sits squarely in first place for human-error targets – folks who use the cloud in private contexts (with data and credit cards) continually, while unwittingly raise the stakes […]
Recapping Our CISO Engagement Research
Research Reports: We see a lot of research reports, as we are sure most marketers do as well. We write quite a few of them ourselves, on topics ranging from brand storying to personalized video experiences, ABM to influencer marketing, cyberwarfare to ransomware. We just published the result of a large research project we helped […]
InfoSec’s Maturity Problem
Reflecting on my recent pilgrimage to RSA Conference, and conversations with CISO and vendor peers and friends, two overarching conclusions are that hot themes emerge that cluster all solutions – as well as VC investments in these – together in what appears to be ‘the CISO’s new priority area’ (1) while further adding complexity, and […]
Gartner Research: Cybersecurity Leaders Losing Control in a Distributed Ecosystem
The data points contained in this research report are strong co-indicators of trends in cybersecurity that argue for increased, enterprise-wide education and training. But they don’t argue for traditional approaches to education and training, as these trends developed in spite of programs that tried to create a culture of security consciousness throughout the enterprise […]
Why We’re Losing the Cybersecurity Education Game
There is a broad gap between purposeful learning with personal development benefits and catalog-based eLearning programs. One approach can boost employee development and create a culture of learning and critical thinking while the other actually stifles employee development in the name of education. We face critical skills shortages across the board, but perhaps nowhere is […]
Digital Blood On Their Hands
On Thursday 24 February 2022, coincidentally the same day as my sister’s birthday, Russia launched a comprehensive invasion of Ukraine. This attack followed weeks of Russian forces building on the Russian-Ukrainian border amidst dismissive rhetoric by Vladimir Vladimirovich Putin, Russia’s President, of a ‘special operations exercise’ and weeks of cyberwar attacks on critical digital […]
New Year, New Beginnings
The Beginnings of 2022 Are Off to a Predictable Start. Our first quarter data suggests a continuation of the most profitable and workable cyberattack schemes from the prior four quarters with some newly active approaches and mini-markets (for now) to keep the pressure on our defenses. Crypto Markets: We have seen crypto hacking surge this […]
Cybersecurity Management: Where to Start?
It’s Not Just Cybersecurity Management. Two takeaways from an explosion of cybersecurity chaos are: If someone just dropped in from Mars, they might wonder why we spend so much on technology and spend virtually nothing on the base causes of attacks? My experience in Managed Security Services says that most companies today lack any sort […]
Your Business Partner, Cybersecurity
Fourth Revolution: Revenue Source? All of the big breaches over the last few years have had three things in common. Home Depot, Yahoo, Target, Adobe and even Equifax had good technologies in place, smart people and responsive processes yet all suffered extensive breaches worth tens and hundreds of millions of dollars. In the case of […]
The Zero Trust Dictionary
Because there has been so much word salad thrown about these days around Zero Trust, John Kindervag was kind enough to put a rough cut behind his Zero Trust creation, so as we move toward a strategy, we have a better chance of success if we know what we are talking about and agree to […]
Myths Within The Chronicles of Cybersecurity
IT to OT and IIoT Chronicles. Get ready for a major shift in the world of state-sponsored cyberattacks. As we witness the shifting underpinnings of power throughout the East and soon to be the Middle East, these future cyberattacks will be focused on cyber physical attacks. Going back to Colonial and JBS Foods as probative […]
Cyberattack: More Flattening Than Flat Packed
IKEA hit by a widespread cyberattack affecting servers and spreading malware. The incident raises urgent questions about customer data security.
A Global NAS Infection
As further proof that we are not only losing this cybersecurity war, we seem to be barely engaged with the pace of our adversaries. Consider the relatively new strain of malware that has infected thousands of network-attached storage (NAS) devices for the apparent purpose of establishing a botnet beachhead from which to launch future DDoS […]
Coronavirus Means More BEC
As an increasing proportion of the workforce shifts to remote work, email usage will only increase. This is a dream for cybercriminals.
Demystifying CCPA
Navigating California’s CCPA law? This comprehensive guide breaks down its impact on businesses, both in and out of California, and how to comply effectively.
A Risk-Based Approach to Cybersecurity
Navigate the challenges of quantifying cybersecurity risk in finance. Uncover the limitations of traditional frameworks and the promise of FAIR.
Canary in the Cybermine
Discover why AI falls short in cybersecurity. Uncover the barriers to adoption and how threat actors exploit AI’s potential.
The Future of Cybersecurity Education
Learn why culture and training are key in cybersecurity. Adapt to new risks and close the skills gap in a digital world, according to Gartner.
Parallel Threats
Uncover the cybersecurity risks of the Capitol assault and SolarWinds breach. Learn why both events call for a total network rebuild to ensure future security.
The 996 Rule
Explore the contrasting success stories of Richard Branson and Jack Ma. Learn how their backgrounds, work ethics, and philosophies shaped their empires.
A National Security Architecture – The Time Has Come
Discover the ‘Cycopalypse’: Why the U.S. is losing in cybersecurity across education, tech, and policy. Learn what must change for a secure future.
Cyberwar: The Five Essential Keys to Winning
Discover why the U.S. lags in cybersecurity across five key areas. Learn lessons from the SolarWinds attack and what must change for a secure future.
Ransomware Elevates Its Targets
Learn from DoppelPaymer’s attack on Foxconn. Elevate your cybersecurity game to fend off sophisticated threats.
Fire in the Hole
Uncover the impact of FireEye’s recent hack. This breach shakes the cybersecurity industry and raises questions about national security and defense capabilities.
The Risk Management Tool from Heaven
Elevate cybersecurity with quantitative risk assessments. Learn how technology bridges the gap between CISOs and executives for smarter, real-time decisions.
Here Comes 5G
Navigating 5G’s cybersecurity maze? Learn key vulnerabilities and steps to protect your network in the fast-paced world of 5G technology.