4 min read
5 Soft Skills Every CISO Should Have
Being the founder and CEO of a virtual CISO firm, I get asked questions about professional development from time to time.
In-house CISO
4 min read
How to Manage a CISO to Avoid Burnout
This blog post is intended for anyone managing a chief information security officer (CISO) or looking to fill the CISO role. This might also be...
2 min read
The 1 Thing You Can Do to Improve Your Cybersecurity Program
Let's use our imaginations for a few minutes.
1 min read
Effective User Access Reviews
What exactly is a user access review? In its simplest form, this review is a process that certifies that users’ (including vendors’) access within...
3 min read
How to Change Your Virtual CISO (or how to avoid it to begin with)
There’s been an interesting trend in the virtual CISO industry over the last several months.
2 min read
Tools to Check Out in the Cybersecurity Resource Guide
Last week, we saw the Federal Financial Institutions Council (FFIEC) announce an update to its Cybersecurity Resource Guide. It was originally...
1 min read
Preparing for a Security Incident
The worst time to develop an Incident Response Plan for dealing with a security incident is during an actual incident. It’s not a matter of “if” but...
2 min read
Where Does Managing Aggregator Risk Belong?
A little over a year ago, bank regulators published new proposed guidance on managing third-party risk. One of the more controversial topics in this...
3 min read
Change, Conflict and Culture
We have many institutions either going through or coming out of a large amount of change. It seems like there’s always some new guidance, product, or...