I am super excited to share that I will speaking at one of my absolute favorite conferences each year — the United States’ preeminent cybersecurity conference — SecureWorld – Dallas! On Wednesday, October 25, 2023, I will be leading a full day workshop for SecureWorld Plus registrants on Real-World Cyber Risk Management and Resilience Planning…
Is the law evolving to hold individuals–specifically the CISO–responsible for companies’ cybersecurity failures?
Is the law evolving to hold individuals — specifically CISOs — responsible for companies’ cybersecurity failures? In my opinion, the answer is yes, albeit slowly and incrementally, but it certainly appears to be moving in that direction. Here are some of my thoughts on the SEC’s recently issuing a Wells Notice to SolarWinds’ executives —…
Please share this!
A few quotes from my keynote at SecureWorld Boston
Following the outstanding SecureWorld Boston event, my friends at SecureWorld shared Highlights and Insights from SecureWorld Boston 2023 and were kind enough to include a few quotes from my lunch keynote — let me know what you think and please offer your perspective on these ideas: For my friends in the Houston area, get ready,…
Please share this!
Join me and #EnterpriseUniversity for Real-World Cyber Risk Management and Resilience Planning on March 28, 2023!
On Tuesday, March 28, 2023, I will be teaching a class on Real-World Cyber Risk Management and Resilience Planning as part of #EnterpriseUniversity Enterprise Bank & Trust’s education program for business leaders and professionals! Join me for this course, and take a look at all of the live, virtual courses available at no cost to…
Please share this!
HHS Releases HPH Sector Cybersecurity Framework Implementation Guide to Help Healthcare Organizations Leverage NIST Cybersecurity Framework
On March 8, 2023, the U.S. Department of Health and Human Services (HHS) released its HPH Sector Cybersecurity Framework Implementation Guide (the Guide) to help healthcare organizations leverage the NIST Cybersecurity Framework. This Guide is not only a must-read for all healthcare “covered entities,” especially small and midsize organizations, but it is excellent advice for…
Please share this!
FBI, CISA, MS-ISAC Joint Cybersecurity Advisory – #StopRansomware: LockBit 3.0
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing & Analysis Center (MS-ISAC) routinely release a Joint Cybersecurity Advisory (CSA) as part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. On March 16, 2023, they…
Please share this!
Boston Area Friends – Join me for the lunch keynote at SecureWorld Boston on March 23!
I am super excited to share that next week I will be headed to Boston to speak at one of my absolute favorite conferences each year — the United States’ preeminent cybersecurity conference — SecureWorld! On Thursday, March 23, 2023, I will present the lunch keynote on Cybersecurity Really Is a Team Sport, since folks…
Please share this!
The White House Cybersecurity Plan – the Devil is in the Details
“The devil is in the details” — that about sums up my take on the White House Cybersecurity Plan. Many thanks to Lily Newman for including this and some other points from our discussion in her Wired article The High-Stakes Blame Game in the White House Cybersecurity Plan. I appreciate that the Administration is talking…
Please share this!
Charlotte, NC Area Friends – Join me at SecureWorld Charlotte on March 1 & 2!
I am super excited to share that next week I will be headed to Charlotte, North Carolina to speak at one of my absolute favorite conferences each year — the United States’ preeminent cybersecurity conference — SecureWorld! On Wednesday, March 1, 2023, I will be leading a full day workshop for SecureWorld Plus registrants on…
Please share this!
Shareholders Can Sue Corporate Officers for Breach of Duty of Oversight in landmark Ruling — CISOs and CPOs, You Listening?
In a landmark ruling, the Delaware Court of Chancery has recognized that corporate officers owe the company a legal duty of oversight, which has traditionally been an obligation solely of directors, and can be sued by shareholders for breach of that duty. In the cybersecurity and privacy context, what does this mean for Chief Information…
You must be logged in to post a comment.