Contact

Introduction to Metrics in Cybersecurity

“We need metrics. What are our key performance indicators? How do we know if we’re doing okay?” Cybersecurity leaders often ask these questions to their security teams to no avail — or worse, to a labyrinth of spreadsheets, incongruent datasets, and a rudimentary business intelligence layer sitting over the top of everything. Learn more about […]

Read More
icon / insight Created with Sketch.
Insight

Maintaining Cybersecurity After the Zappos Appeal

In 2012, online footwear company Zappos suffered a data breach impacting roughly 24 million consumers which resulted in a class action lawsuit. During the litigation, the District Court of Nevada dismissed certain claims for lack of Article III standing on the basis that the consumers merely alleged a risk of potential harm resulting from the […]

Read More
Created with Sketch.
Position Paper

Nudging for Cybersecurity

Why do security awareness trainings fail to impact employee behavior, and how can nudging help? All too often, cybersecurity is perceived to be overwhelmingly technical in nature. However, Information Security professionals would be wise to keep in mind the words of security expert and cryptographer Bruce Schneier: “Only amateurs attack machines, professionals attack people”. Security […]

Read More
Created with Sketch.
Position Paper

Structuring the Information Security Organization

Keeping up with the Evolving Landscape The continued evolution of enterprise threats has made Chief Information Security Officers (CISOs) consistently seek better opportunities and strategies to defend the perimeter and drive action given scarce resources. Pioneering CISOs capitalize on the opportunity to mitigate threats by optimizing their organizational structure in a manner where defensive and […]

Read More
Created with Sketch.
Position Paper

Cyber War Games and the Role of the Purple Team

Read More
Created with Sketch.
Position Paper

Enterprise Cybersecurity Risk Remediation

As large organizations grow and mature, they will often find themselves facing similar challenges in proactive risk management and remediation – particularly in the realm of cybersecurity. While information technology companies have historically been the most aware of cybersecurity risk, they remain exposed to threats to their products, services, network, systems, and data. These organizations […]

Read More