Posts
-
Jan 25th, 2022
Let’s talk about CFOs and Cyber Risk
If you have read my previous three blogs in this ‘Let’s talk’ series, you’ll know that we’ve talked about our conversations with CISOs and CIO – and now it’s time to turn our attenti
-
Jan 21st, 2022
Let’s talk about CIOs and Cyber Risk
In our previous blog, we looked at how cyber risk quantification (CRQ) can help CISOs and their teams to address some of the most pressing cybersecurity issues today. But change requires buy-in, so cr
-
Jan 19th, 2022
Let’s Talk About CISOs and Cyber Risk Quantification
Chief Information Security Officers (CISOs) serve a critical role in protecting their business from internal and external threats. They need to design and implement the right resources to mitigate gro
-
Jan 14th, 2022
4 Key Drivers Accelerating Cyber Risk Quantification
If you’ve attended any of our webinars on Cyber Risk Quantification (CRQ) in recent months, you’ll know that this is a topic I love talking about! You’re either thinking this is not true, or Iâ€
-
Oct 18th, 2021
FAIR and RQ: It’s time to evolve the conversation
I can’t wait until the day when cars can fully drive themselves. While I love driving I hate wasting time in traffic. And the number of accidents caused by human error is significantly larger than a
-
Sep 23rd, 2021
CRQ Isn’t Done Well: A Review of NIST’s Report on Integrating Cybersecurity and ERM
It’s been almost a year since the National Institute of Standards and Technology (NIST) issued its internal report on “Integrating Cybersecurity and Enterprise Risk Management (ERM).” I
-
Sep 17th, 2021
Bitsight’s Acquisition of VisibleRisk: A View From The CRQ World
This week, Bitsight raised $250 million from Moodys and acquired cyber risk quantification company VisibleRisk. The move certainly makes sense for Bitsight, but what does it mean for the cyber risk qu
-
Sep 14th, 2021
It’s Time to Flip the Script on How We Measure and Communicate Cyber Risk
The U.S. Securities and Exchange Commission (SEC) recently signaled its intent to get much tougher on companies when it comes to their management of cyber risk and inadequate disclosure of cybersecuri
-
Aug 3rd, 2021
Are Critical Infrastructures Ready For The New Federal Cybersecurity Standards Initiative?
President Joe Biden signed a National Security Memorandum last week that establishes a new Industrial Control Systems Cybersecurity Initiative to develop a voluntary set of standards for the nation’
-
Aug 2nd, 2021
Q&A: Joe Weiss of Applied Control Solutions on Control Systems and Cybersecurity
During a recent ThreatConnect Podcast, Joe Weiss, Managing Partner at Applied Control Solutions gave his insights and thoughts on Control Systems and Cybersecurity issues facing our nation’s critica
-
Aug 2nd, 2021
Q&A: Bob Kolasky of the Department of Homeland Security on Systemic Cyber Risk and Critical Infrastructure
ThreatConnect Podcast host Dan Verton recently had the pleasure of speaking with Bob Kolasky, Director of the National Risk Management Center at the Cybersecurity and Infrastructure Security Agency (C
-
Jul 23rd, 2021
Q&A: AVEVA’s Tim Grieveson on Cyber Risk Management and Critical Infrastructure
During a recent ThreatConnect Podcast, Tim Grieveson, Chief Information Security Officer (CISO) at AVEVA, gave his insights and thoughts on cyber risk management issues facing our nation’s critical