• Aug 02
    2016
    The threat to your organization of a data breach is real, as are the limitations of pure technology in protecting you. Of the top six sources of cybersecurity error, four of them… general carelessness failure to get up to speed on new threats lack of expertise with websites and applications lack of expertise with networks, servers, and other infrastructure …can only be cured with training. You would think that employing ...
  • Jul 29
    2016
    In the 1989 film, Field of Dreams, an Iowa corn farmer named Ray Kinsella hears a voice telling him to build a baseball diamond in his field. Ray builds the field, and the spirit of legendary ball player Shoeless Joe Jackson turns up to play on it. He even brings many of his friends. By watching their games and interacting with the legendary players, Ray is able to come to ...
  • Jul 20
    2016
    Cybersecurity is more than a technical operation. It is a human undertaking, and its failures lead to human cost. Few events illustrate this better than the Ashley Madison hack, which I blogged about almost exactly one year ago. Ashley Madison, you may remember, is the dating site that facilitated illicit connections for married people. Its notorious slogan was “Life is short. Have an affair.” It is a sign of the ...
  • Jul 12
    2016
    On this blog lately, I have been trying to make the case for vendor-neutral cloud training. Vendor-neutral cloud training, of course, can help your organization embrace the best practices in cloud computing in a way that vendor-specific training probably can’t. Vendor-neutral training can also help you build the expertise your organization needs to evaluate cloud providers and ultimately avoid vendor lock-in. If you are persuaded that vendor-neutral cloud training is ...
  • Jul 07
    2016
    I see four big business challenges in moving to the cloud: 1. Selecting a Vendor. There are lots of cloud providers, and each offers its own unique blend of services, stability, and commitment. Whatever vendor you choose, you’re going to have a partnership with them that is likely to be more intimate than almost any other vendor relationship you’ve had. You need to find a vendor whose service complements your ...
  • Jun 22
    2016
    The 2016 Cost of Data Breach Study: Global Analysis has been released, and you can download it here (registration required). Sponsored by IBM and performed by the Ponemon Institute, this year’s study is a real eye-opener. The report classifies data breach costs into four categories: 1. Detection and Escalation Costs forensic and investigative activities assessment and audit services crisis team management communications to executive management and board of directors 2. ...
  • Jun 17
    2016
    A recent blog posting at the InfoSecurity website suggests that instead of moaning about how employees are the weakest link in your security chain, you take steps to make them the strongest. “Persuading Employees They Are Your Organization’s First Line of Defense” by Chris Barrington describes the strategic approaches for getting the security message across. Barrington offers eight different considerations for your messaging. I won’t describe them all here because ...
  • Jun 07
    2016
    We have reached the point that businesses are paying attention to cybersecurity, which is a good thing. All over the country, organizations are promulgating policies, conducting training programs, hiring security consultants, and buying security products. In other words, we are seeing good security management. But you have probably already heard this quotation from the late great Peter Drucker: “Management is doing things right; leadership is doing the right things.” As ...