Sound cybersecurity practices and risk management are a differentiator for many non-regulated companies and are table stakes for highly regulated organizations. Enterprise customers are demanding and driving the conversation around cybersecurity.

They are demanding to understand how their vendors could potentially impact their customers and their

... See more

Architecture Defensibility : With asset inventory in hand, how well is your organization able to defend its digital assets? Does the topology of your enterprise architecture map to the current communication flows? Where are the short circuits in your communication flows? The CRQ examines the robustness of this architecture, focusing on network

... See more

I saw a few tweets about this article tongue in cheek saying "time to update your threat model" - but how many actually do that? Who is at work this week creating a document that illustrates how a data breach of their external council could lead to their own data loss event? I'd guess it is a very small number of folks. I'm making the case that

... See more