Chris Bedel

2 min read

If Everything is Important...

"If everything is important, then nothing is." ― Patrick Lencioni We’ve all seen this concept applied to time management and other decision-making...

3 min read

Comparing your Cyber Risk Appetite to Motorcycle Racing - WHAT!?!

How do you communicate cyber risk to management and the board at your organization? Has it been effective? Is everyone on the same page from a risk...

1 min read

What to do about Equifax Breach?: Freeze your Credit (and how)

We've had clients, friends, relatives, etc. ask us what they should do about the recent Equifax breach and the answer is pretty simple: get a credit...

Video Blog: CISO Intangibles The Importance of Good Communication

It's tough to be effective as a CISO if you can't get your message across to other areas of the bank. How you do it is important as well. This video...

SSAE-16 / SSAE-18: What's the Difference?

This past spring (as of May 1, 2017), the AICPA updated their Service Organization Controls testing standards from the SSAE-16 to SSAE-18.

Video Blog - CISO Intangibles: Incremental Improvements

3 min read

What Benefit is there in a Business Impact Analysis?

So what Benefit is there in a Business Impact Analysis?

Announcing the Release of our Latest Version of the CAT

We've been getting a lot of emails asking when our newest CAT excel spreadsheet would be released.

1 min read

Case Study: Supplemental CISO ($1.2 Billion in Assets)

This blog post is part two of a three-part series. It is an excerpt from our whitepaper on the Virtual Chief Information Security Officer concept. We...