A recent ranking of the most cyber-secure companies reveals weaknesses in current third-party risk management practices.
Roland Cloutier is stepping down as global CSO to become a strategic advisor to TikTok’s CEO. The clock is ticking on the CSO succession plan.
By setting yourself up as the defender, the solver of problems, you cast your business colleagues as hapless victims or, worse, threats. This is not a useful construct for engagement.
“Shared responsibility” usually means that no one is responsible for minding the gap. Don’t fall in.
Security processes that treat the very users we protect as unwanted burdens and alienate them in the process are a path to failure.
If you’re not in the meeting where decisions are made, then you’re not part of the C-Suite—whatever your title may be.
Software bills of material are having a moment, but the costs of an externally visible SBOM are likely to outweigh the benefits, says Andy Ellis.
No one outside the IT department cares about your vulnerability metrics (or they shouldn’t, anyway). They care about efficacy. And traditional stats don’t show that.