Did you know that yo-yo weight loss programs and your run-of-the-mill security program have far too much in common? Here’s the deal: Published psychology research points out that fad diets – you know, the ones that say you’re going to lose 21 pounds in 10 days or something like that – and *especially* repeated bouts […]
Why Your Cybersecurity RCA Isn’t Working
Recently, I was having a discussion with a customer we’re working with to restructure their IT Security department and adopt SABSA end to end. Doing this will more effectively manage their cybersecurity risks and keep them directly focused on supporting business execution, not just doing security for security’s sake. The Problem One of the problems they […]
Security — What does that mean?
Security isn’t really a thing—it’s more a feeling you get when you believe things are the way you expect them to be. You expect things you care about to be “ok”, but most of the time, we really don’t think about what that means either. Maybe it means that something is “safe”, e.g. free from […]
Cybersecurity for Boards: What You Need to Know Now
$22 billion in losses by businesses per year. $11 million in fraudulent charges. 50 enforcement actions by the US FTC in the last 10 years. 1.2 billion usernames and passwords and 500 million email addresses from 420,000 websites. 63,437 security incidents in 95 countries. 79 seconds between thefts of personal data. $3.5 million is the […]