Chronicles of a CISO

Compliance, Due Diligence, & More: Navigating Upcoming TPRM Trends The post Compliance, Due Diligence, & More: Navigating Upcoming TPRM Trends appeared first on Chronicles of a CISO.

Inherent Risk vs. Residual Risk: The Foundation of Effective TPRM The post Inherent Risk vs. Residual Risk: The Foundation of Effective TPRM appeared first on Chronicles of a CISO.

The NIST CSF toolkit has been updated to reflect the new Cybersecurity Framework v2.0. The post Updated NIST Cybersecurity Framework (CSF) Tool Released appeared first on Chronicles of a CISO.

The SEC has put the executives of SolarWinds, including the CFO and CISO on notice. How will this impact the future of the security industry? The post The Action That Shook An Industry appeared first on Chronicles of a CISO.

New regulations and business drivers are forcing Private Equity firms to take a closer look at cybersecurity risk pre & post-acquisition. The post Technology Risk in the Private Equity World appeared first on Chronicles of a CISO.

The term ESG has become a common parlance in the corporate world. How can a CISO leverage ESG to further their program and be better corporate citizens? The post A CISOs Guide to ESG appeared first on Chronicles of a CISO.

Career and education resources for those on active duty or veterans who are looking to move into cybersecurity or S.T.E.M. careers. The post Cyber Resources For Veterans appeared first on Chronicles of a CISO.

Cyber insurance is increasingly difficult to obtain and more expensive than ever. A recent study identified the top 10 controls insurance carriers look for when determining coverage and cost. By leveraging specific areas of the NIST CSF, you can qualify for better coverage and effectively lower premiums. The post The Evolving Game Of Cyber Insurance appeared first on Chronicles of a CISO.

The interrupt-driven life of a CISO and how stress impacts our thought process and the changes we make to how our minds work. The post The Interrupt-driven Life of a CISO appeared first on Chronicles of a CISO.

In order to communicate their message quickly, Vendors need to develop a value statement that appeals to a CISO by quickly articulating how your solution reduces risk, minimizes staffing issues, or enhances budget. The post Simplify Your Value Statement appeared first on Chronicles of a CISO.

Please note: Version 2.1 of the tool was uploaded to the site on February 28, 2022, due to a formula bug in the privacy worksheet. I am quite thrilled to announce that the long-overdue update to my NIST CSF tool V2.0 is finally done. While this new version generally looks the same as the prior The post New Version of the NIST CSF Tool appeared first on Chronicles of a CISO.

Thoughts on the damage caused by Research Firms to the Information Security field and why the role of the Industry Analyst must change. The post The Problem With The Industry Analyst appeared first on Chronicles of a CISO.

The perimeter is dissolving. Employees are using any device from any location for work. With limited visibility from our traditional networking and endpoint security controls, how do we protect our data? The post Millicom Builds Transformational Identity Security Program appeared first on Chronicles of a CISO.

The perimeter is dissolving. Employees are using any device from any location for work. With limited visibility from our traditional networking and endpoint security controls, how do we protect our data? The post Identity Management as a Foundation for Future-Proofing your Security appeared first on Chronicles of a CISO.

The concept of Identity is critical to what we do. If it didn’t exist, how would it change your approach and how would you answer the question? The post What if Identity Didn’t Exist? appeared first on Chronicles of a CISO.