Misconfiguration should be the scariest word a CISO can hear. Continuous security testing is probably our best bet to find and remediate both human error and latent vulnerabilities that may exist in any organization.
Can the cybersecurity industry learn lessons from the sustainability movement? Can public commitments to good cybersecurity citizenship impact decision making throughout an organization – and reduce our shared long-term risks?
As CISOs, we must prepare our organizations for the CRISIS – not just the cybersecurity incident. Our leadership, public relations and business line partners need to steel themselves against the impulse to minimize the impact during every phase of the response. Too many organizations lose sight of the importance of candor and ownership in crisis management, and jeopardize long-term recovery.