CISO Field Notes
Livestream: How to Communicate Cyber Strategy to the C-Suite
Let folks who’ve seen it tell you what to expect from this one-hour livestream:
• We need more of this out there in the wild. Great stuff!
• Beautifully done. Love the opening point (we see with the brain) and the value of knowing your audience and speaking to them in terms that appeal to their interests. Brava!
• Fantastic presentation!
Livestream: Mike Warner talks Cybersecurity Entry Level Hiring on SimplyCyber
Leaders should be “The Keeper of the What, not the Master of the How” offers SecuriThink Executive Advisor Mike Warner during this 45-minute interview with Gerald Auger on SimplyCyber.
Livestream: The CISO Experience
Listen in as SecuriThink Executive Advisor, Mike Warner, and founder, Linda Rust, join host Simon Linstead for a one-hour YouTube “Ask Me Anything” (AMA) to explore Mike’s 12 years as the CISO of Oshkosh Corporation (the Fortune 500 specialty vehicle innovator, not to be confused with a well-known brand of children’s clothing).
Cybersecurity is Like Securing Your Car
Just like securing your car, it takes more than one thing to be cybersecure. Problems come from more than one angle and each protection has its strengths but also limitations. We add up the strengths and protect the blind spots by layering the protections.
Leverage Cybersecurity Spending
A diamond only shines to the extent that it’s in the right setting. Getting full leverage from your cybersecurity spending works on the same principle. The optimal setting for cyber technology requires adapting processes and fully engaging your people. This is the shortcoming of every silver bullet scenario.
The Cybersecurity Business Case for Manufacturing Supply Chain
As the number one most attacked industry, manufacturing is in the cross-hairs of cybercrime. At the same time manufacturing has less visibility into supply chain tiers than other verticals. This combination of factors amplifies the potential blast radius for damage.
Making the Business Case for Cybersecurity – Cyber Insurance 4Q 2021
Cyber Insurance offers useful insights to quantify cyber risk and make it real for business owners, CxOs and board members of public companies.
Configuration Assurance – Naming the Elephant
This is the story of a dilemma solved. A Chief Information Security Officer (CISO) had time and again discovered problems with patching and configuration settings not matching agreed upon standards.
How to make your data classification project easier
Leverage our lessons learned to make your project easier using the SecuriThink Data Classification Complexity Scale.
Data Classification – Example 1
Rally C-suite ownership with a compelling business case for change
Data Classification – Example 2
Managing across the enterprise for new security habits
Data Classification – Example 3
Quick Start the project, cross-train client team, manage risk
Administrative Rights
Reduce technical support with appropriate employee engagement
Complex Passwords
Minimize business impact and technical support requirements
What Else We Do
Step Zero™ Rapid Cybersecurity Cost Estimates
This unique approach, with a known range of verified accuracy, was first field-tested on 12 Fortune 500 Merger and Acquisition (M&A) deals yet it also supports data-driven investment decisions for cybersecurity compliance.
Managing Up and Out™ Security Strategy and Education
Tap the 30+ years combined experience of our team to align stakeholders from Boards of Directors and C-suite to critical asset owners or front-line team members. Whether it’s a business case, strategy roadmap, or key presentation, we can cross-train, ghostwrite, or deliver on your behalf.
CMMC Readiness
Cybersecurity Maturity Model Certification (CMMC) is the evolution of cybersecurity contractual requirements from the Department of Defense (DoD) with which SecuriThink practitioners have been involved for over 10 years.
Our journey satisfying these requirements is the story of “how we know what done looks like” for cybersecurity as we state on our website homepage.
SecuriThink Field-Tested Data Classification Solution
Get higher returns on your project investment with a field-tested data classification solution based on two Fortune 500 projects involving 12,000 and 50,000 team members, respectively.
Our Data Classification Solution integrates technology with business transformation methods to manage factors too often left out of a security project. We leverage what’s already going well in your organization, while shifting to higher potential.
SecuriThink Field-Tested OT / IT Integration
Readily create dollars from Operational Technology (OT) data using our field-tested approach to Information Technology (IT) integration based on success at 42 facilities across 15 different business divisions
Cultural Armour™
Optimizing your company’s information security
Takes more than the latest technology
Or a staff trained to use it.
It takes a shift in thinking.
A shift in acting.
Hearth Security™ – Personal Security Strategy
Securing your crown jewel assets, one household at a time.
Field-Tested Proactive Insider Threat Program
Over 90% of most companies’ value now comes from intangible assets. In addition to Intellectual Property (IP), brand reputation, competitive advantage, supplier network, employee retention, and customer loyalty are measurably affected by cyberattacks. Research shows some of the most damaging losses coming from trusted insiders with malicious intent, also called Insider Threat.
The biggest gains come from proactive attention to Insider Threat, that is, don’t chase after the horse that’s gotten away, keep it from leaving the stable.
Supply Chain Cybersecurity
Threat actors are increasingly exploiting the path of least resistance in the supply chain to attack their real targets. While more large companies have built a reasonable cybersecurity posture, malicious actors still find easy ingress through abundant open doors in smaller suppliers.
Supply chain attacks have skyrocketed to the point where targeted companies are motivated to manage their own risk by managing the risk hiding in their supply chain.