Posts

  • Should Companies Be Held Liable For Software Flaws?

    Should Companies Be Held Liable For Software Flaws?

    Following the CrowdStrike event two weeks ago, there has been an interesting exchange between Delta Airlines and CrowdStrike. In particular, Delta has threatened to sue CrowdStrike to pursue compensation for the estimated $500M of losses allegedly incurred during the outage. CrowdStrike has recently hit back at Delta claiming the airline’s recovery efforts took far longer… Read more

  • How CIOs, CTOs and the rest of the C-Suite Can Better Support CISOs

    How CIOs, CTOs and the rest of the C-Suite Can Better Support CISOs

    There are a variety of reporting structures for CISOs, such as reporting to the CTO, CIO, CFO or CEO. No matter who the CISO reports to, the CISO is still an integral part of the C-Suite. Yet despite this, CISOs don’t always receive full support from the rest of their C-Suite peers, which can cause… Read more

  • A CISO’s Analysis Of the CrowdStrike Global Outage

    A CISO’s Analysis Of the CrowdStrike Global Outage

    Overnight from July 18 to July 19, 2024, Windows systems running CrowdStrike ceased functioning and displayed the blue screen of death (BSOD). As people woke up on the morning of July 19th they discovered a wide reaching global outage of the consumer services they rely on for their daily lives, such as healthcare, travel, fast… Read more

  • Tips For Managing Anxiety, Stress, Burnout and Mental Health

    Tips For Managing Anxiety, Stress, Burnout and Mental Health

    CISOs have been in the hot seat lately, particularly related to personal liability, increasing regulatory pressure and a shifting technological landscape. Compound these macro issues with the internal demands CISOs deal with such as incidents, budget cuts or political battles for relevancy and it is no wonder CISOs are struggling with mental health issues. All… Read more

  • How Should CISOs Think About Risk?

    How Should CISOs Think About Risk?

    There are a lot of different ways for CISOs to think about and measure risk, which can be bucketed into two different categories. Qualitative measurement, which is a subjective measurement that follows an objective process or quantitative measurement, which is an objective measurement grounded in dollar amounts. Quantitative risk measurement is what CISOs should strive… Read more

  • Should CISOs Be Technical?

    Should CISOs Be Technical?

    Don’t want to read this? Watch a video short of the topic here. There are a lot of different paths to becoming a CISO and everyone’s journey is different, however two of the most common paths are coming up through the technical ranks or transitioning over from the compliance function. Coming up through the technical… Read more