5 Jun 2017

Layer 8: The Orlando Shooting, and Why Cybersecurity is Not Enough

By |2017-06-05T23:34:42-06:00June 5th, 2017|Layer 8|

I'm writing today to respond to the very immediate incident of an ex-employee who shot and killed 5 former co-workers.  You can read about the story here: http://www.cnn.com/2017/06/05/us/orlando-fatalities/index.html It’s so unfortunate when these types of things occur, but these types of events are exactly the reason that organizations like Centripetum are working hard to promote [...]

10 Apr 2017

Layer 8: Performance Metrics When Governing IT

By |2017-05-01T12:49:50-06:00April 10th, 2017|Layer 8|

Governing and measuring the performance of IT can be a challenge: it’s often easy to jump into the weeds and produce values like numbers of help tickets addressed or patches deployed, but demonstrating value to governance is another thing, especially when they may not have a full appreciation for what or how those activities occur. [...]

13 Mar 2017

Layer 8: Cyberinsurance Protection (But Not Without a Catch)

By |2017-05-01T12:49:09-06:00March 13th, 2017|Layer 8|

One often-bantered ‘solution’ nowadays is the use of cyberinsurance… policies extolled to protect your company in the event of a cybersecurity-related incident.  There are many types of policies available today (see the graphic above), and as a risk management professional or system owner you need to be aware of them, and what they cover. More [...]

27 Feb 2017

Layer 8: The Kill Chain vs. Reality

By |2019-08-07T13:57:51-06:00February 27th, 2017|Layer 8|

The ‘kill chain’ has been a very popular way – especially in government circles – to look at cybersecurity risk, mainly because it forces system owners to look at risk and mitigation not just as a series of controls and checkboxes, but as a more holistic approach to managing risk. The ideas has been that, [...]