-
It Strikes Again! The Insidious Reality of Fraud
The ferment in the banking industry touched off by the collapse of Silicon Valley Bank has created opportunities for fraud, as bad actors try to take advantage of the surrounding duress to launch attacks. And artificial intelligence has only made a difficult situation worse. When chaos strikes a financial institution, as it did at SVB,…
-
Taming The Elephant in The Room: Practical Budgeting Strategies
When we speak of budgeting, there is not an exact science to quantify risk nor determine the likelihood of a threat materializing. Although there are some elements that we can quantify and qualify, there are many unknowns. Since each organization is different, there can be no cookie-cutter approach. We can make some educated guesses based…
-
Generative AI: A Double Edge Sword
Generative AI is a very powerful technology that’s created for constructive purposes, but as with everything else in life, some have found a nefarious way to use it. Bad actors are using these tools to create attacks and circumvent security controls. One AI-generated malware has already been created to evade traditional EDR capabilities. Unfortunately, this…
-
The Supply Chain Cyber Risk Conundrum: A Practical Approach
We are business leaders. When we talk about supply chain, we are tasked to expand our focus beyond cyber risks to look at things that have a larger impact on our organizations, such as: the diversification of supply and suppliers, reducing carbon footprints, governance issues, and other matters of importance in the business world. But…
-
From Defense to Offense: a new tactical approach
“Defense in depth” is a philosophy that many of us live by, but the time has come for a shift in mindset. Instead of always layering on more and more defenses, I’d like to propose that we go on the offense instead, because we’re obviously not winning the battle. We need to change the strategy…
-
The Cyber Talent Shortage: why so little progress has been made
There’s a lot of concern in our industry about the grave talent shortage. We need a lot of new people coming into the profession, and we also need to diversify the pool. Yet while there are many initiatives to attract people who are eager to get into the business, there’s a missing piece: Translating the…