I had a client whose maturity scores didn’t improve over a 3-year period. If data was all that was presented this could easily be interpreted as a failure of progress. But when they focused the narrative around the successful integration of the multiple acquisitions they had over the past few years, the focus shifted to the successful expansion of

... See more

Get your business units to pull help from security and not have security keep pushing improvements on them. The main thing is for the CEO to not just provide support and resources for the CISO but to actually change the dynamic by regularly expecting each business line executive or functional leader to be able to articulate at some appropriate

... See more

To achieve cyber resilience, it is crucial for organizations to align their cybersecurity priorities with their overarching business objectives. Jen Easterly, Director of the US Cybersecurity and Infrastructure Security Agency (CISA), emphasizes the need for security leaders to frame risks in relatable business terms and provide metrics that

... See more