Posts
-
Oct 18th, 2021
FAIR and RQ: It’s time to evolve the conversation
I can’t wait until the day when cars can fully drive themselves. While I love driving I hate wasting time in traffic. And the number of accidents caused by human error is significantly larger than a
-
Sep 23rd, 2021
CRQ Isn’t Done Well: A Review of NIST’s Report on Integrating Cybersecurity and ERM
It’s been almost a year since the National Institute of Standards and Technology (NIST) issued its internal report on “Integrating Cybersecurity and Enterprise Risk Management (ERM).” I
-
Sep 17th, 2021
Bitsight’s Acquisition of VisibleRisk: A View From The CRQ World
This week, Bitsight raised $250 million from Moodys and acquired cyber risk quantification company VisibleRisk. The move certainly makes sense for Bitsight, but what does it mean for the cyber risk qu
-
Sep 14th, 2021
It’s Time to Flip the Script on How We Measure and Communicate Cyber Risk
The U.S. Securities and Exchange Commission (SEC) recently signaled its intent to get much tougher on companies when it comes to their management of cyber risk and inadequate disclosure of cybersecuri
-
Jul 23rd, 2021
Q&A: AVEVA’s Tim Grieveson on Cyber Risk Management and Critical Infrastructure
During a recent ThreatConnect Podcast, Tim Grieveson, Chief Information Security Officer (CISO) at AVEVA, gave his insights and thoughts on cyber risk management issues facing our nation’s critical
-
Jul 23rd, 2021
Q&A: Felicia Thorpe of AHT Insurance on Cyber Insurance and Cyber Risk Quantification
During a recent ThreatConnect webinar, Felicia Thorpe, Managing Advisor at AHT Insurance, offered her insights on the latest trends in the cyber insurance market and changes that need to be considered
-
Jul 14th, 2021
Big Changes are Coming to the Cyber Insurance Industry
The surge in ransomware and other advanced cyber attacks during the last 18 months has led to significant changes in the way insurance carriers approach cyber policies and those changes are far from o
-
Jun 16th, 2021
GreyNoise and ThreatConnect: Protect against Noisy IPs
ThreatConnect has released a new GreyNoise Playbook App. GreyNoise helps analysts quickly understand which alerts don’t matter by providing context on noisy IP addresses across the internet. With th
-
Jun 7th, 2021
Why Effective Cybersecurity Narratives Are Built Using Quantitative Metrics
As the world begins to get the global coronavirus pandemic under control, cybersecurity concerns are increasing. Attackers continue to build increasingly sophisticated capabilities, deploying them in
-
Jun 1st, 2021
Cyberattacks on Critical Infrastructures Forcing Long Overdue Conversations About Risk
A cyberattack targeting the world’s largest meat processor over the weekend is pointing to a disturbing new reality: Our nation’s critical infrastructures and supply chains are being targeted beca
-
May 26th, 2021
The ROI of Security and the SOC
The Return on Investment of any cybersecurity investment does not fall under the traditional definition of ROI. Cybersecurity is a pure cost center – in an average organization no revenue can ev
-
May 7th, 2021
Cyber Execs Warn CISOs Could Disappear If They Don’t Get Better at Communicating Risk
Three leading global chief information security officers (CISOs) with a wide range of experience across different industries warned that if CISOs do not improve their ability to communicate cyber risk