Which is Easier: Aligning Business to Security, or Security to Business?
Which is Easier: Getting Businesspeople to think in terms of Security, or getting Security Teams to think in terms of Business? While security leaders should work both angles, I say the correct answer to Alyssa Miller’s original question (below) is “B”.…
At Long Last Rational Cybersecurity Publishes!
I’m so excited to finally announce that “Rational Cybersecurity for Business: The Security Leaders’ Guide to Business Alignment” is live.
You can now buy a paperback, or get a complimentary digital download here.

Why I Wrote the…
Going the Extra Mile for Rational Cybersecurity
Successful security leaders don’t quit in the face of obstacles. They go the extra mile for their security program and understand that cybersecurity isn’t just a technical problem. It’s a people and organizational problem. That makes it critical to align…
Where Should the CISO Report?
When the CISO doesn’t report at the right level of an organization, misalignment between security, IT, the business, and the larger public ecosystems it serves will surely result. Such misalignment often leads to dire consequences, increasing the chance of breaches…
How to Define Security for Your Business
Could it be that a simple misunderstanding of what cybersecurity means is creating much of the disconnect between business and security leaders that often makes security programs ineffective? According to one security leader who’s worked as a Chief Information Security…
Waking Up to Cybersecurity’s New COVID-19 Reality
The COVID-19 pandemic is creating emergent risks and cybersecurity challenges. Chief Information Security Officers (CISOs) and other security organization leaders are on the firing line, finding themselves responsible for everything from remote access security to business continuity management (BCM) to…
Helping CISOs and Board Members Communicate on Risk: A Shared Assessments Summit 2019 Recap
Returning from the Shared Assessments Summit 2019 last week, I was struck by one repeated message: CISOs and Board of Directors members are still struggling to assess and communicate risk. Early in the Summit Agenda, a CISO Panel discussion…