The cybersecurity work you need to do as an internal AI is being designed, deployed and operated, so that the system you stand up to keep data safe actually keeps data safe.

A vCISO or a cybersecurity manager can be a valuable asset in getting a small or medium enterprise cybersecurity built, or on track and moving in a new direction.  However, if you are in a position to afford only one or the other, choose carefully.

In cybersecurity, compliance is often mistaken for protection. Unfortunately, that decision trades measurable comfort for invisible risk.

Many organizations rely on SaaS platforms instead of traditional on-premises solutions, trading control for convenience. The risks of that trade-off are often misunderstood.

This is the fourth installment in an ongoing series called "Executive Missteps" on how business leaders, often unknowingly, sabotage their organization's cybersecurity...and how not to be that person.  Each is inspired by a true story (or several). Find previous installments here: Above the Law (1) , Shadow (IT) Man (2) , On Deadly Ground (3) . Avery (not his real name) is busy, like most CEOs.  His company is a regional powerhouse in the process of building out a handful of

Stop me if you have heard this before. A company suffers a massive IT outage. The culprit is not a hacker in a foreign country or a sophisticated piece of malware. It is an unlocked door.

This is the third installment in an ongoing series called "Executive Missteps" on how business leaders, often unknowingly, sabotage their organization's cybersecurity...and how not to be that person. Each is inspired by a true story (or several). Find the first installment here , and the second here . Cybersecurity risks brought in by M&A can leave an executive feeling like the ground is falling out from under them. It's been a busy month for our CEO as the company works on w

Most companies don’t realize how narrow and conditional cybersecurity insurance coverage really is until they need it.

Managers, project managers, and executives can increase code quality by improving the environment and incentives for development teams.... and that includes improving security.

This is the second installment in an ongoing series called "Executive Missteps" on how business leaders, often unknowingly, sabotage their organization's cybersecurity...and how not to be that person. Each is inspired by a true story (or several). Find the first installment here . It's a normal Wednesday morning when the SOC (Security Operations Center) manager gets a knock on her door. One of her analysts has learned that the company's mail server has appeared on major bla

It's late on Friday afternoon, and the corporate help desk gets a phone call.  The CEO is in a panic.  His next move will cost the company dearly.

Protecting your business from ransomware and blackmail requires a disciplined backup and data loss prevention strategy.

Small to Medium size Organizations, or commonly SME's face unique cybersecurity challenges now, and in the future. Here. Susan Sons explains the strategy for facing those challenges head-on.

Eliminating repetitive tasks, enforcing configuration consistency, and automating provisioning aren’t just technical wins, they’re operational leverage. Automation doesn’t mean less work. It means less waste and more time for what actually matters. 

Having at least a basic understanding of strategy, especially since most people in your position don’t, can be a massive career accelerator for an individual contributor.  This is especially true in IT, because our technological systems influence the behavior of the organization and sometimes of its customers.