So all your preventative measures have failed – to be fair, they succeeded for the last few thousand hacks, but the bad guys got lucky once, and you now have a full blown incident underway. Unfortunately you (the CEO) is at 23,000’ knocking K2 off their bucket list. How does your company execute?
I regularly get asked by new CISOs for information – benchmarks – on how much organizations like theirs should spend on security. That’s a deceptively simple question, and while there’s plenty of surveys that you can reference, none of them provide more than a rough starting point – there’s just too many variables.
I had an interesting conversation about data integrity attacks recently. Those involve altering records, rather than stealing them. The initial reaction was that they’d just restore from backup (like a disaster recovery plan). When I pointed out that most advanced attacks are in the environment for months before discovery, the light bulb went off: You […]
I’ve written before about the hype around AI, where there’s lots of potential, a ton of smoke and mirrors, and a few real things. Blockchain is right there contending for the king of the mountain. So what’s real, what’s hype, what’s plain dumb, and what isn’t anyone really talking about?