rational cybersecurity

Where Should the CISO Report?

Published May 31, 2020 | By Dan Blum

When the CISO doesn’t report at the right level of an organization, misalignment between security, IT, the business, and the larger public ecosystems it serves will surely result. Such misalignment often leads to dire consequences, increasing the chance of breaches… Continue reading →

Posted in Dan Blum, Rational Cybersecurity | Tagged business alignment, CISO, rational cybersecurity, security governance

How to Define Security for Your Business

Published May 17, 2020 | By Dan Blum

Could it be that a simple misunderstanding of what cybersecurity means is creating much of the disconnect between business and security leaders that often makes security programs ineffective? According to one security leader who’s worked as a Chief Information Security… Continue reading →

Posted in Dan Blum, Rational Cybersecurity | Tagged CISO, rational cybersecurity, Security Charter, security governance

Fifty Keys to Cybersecurity-Business Alignment

Published May 14, 2020 | By Dan Blum

My book, Rational Cybersecurity for Business: The Security Leader’s Guide to Business Alignment contains 50 Keys to Alignment that accentuate the guidance. I’m writing about these keys in a “50 keys” blog series. This page conveniently summarizes all the keys… Continue reading →

Posted in Dan Blum, Rational Cybersecurity | Tagged cybersecurity, rational cybersecurity, risk management

Place Information Risk Accountability at the Right Level

Published March 7, 2020 | By Dan Blum

Too often, information risk accountability isn’t at the right level due to poor alignment between security and business leaders. It’s time to transform the way we communicate risk to the business. When the security program struggles with an issue, bring… Continue reading →

Posted in Dan Blum, Rational Cybersecurity | Tagged accountability, corporate risk accountability, enterprise risk management, ERM, Factor Analysis of Information Risk, FAIR, information risk, rational cybersecurity, risk, risk management

Rational Cybersecurity Q4 Update

Published October 24, 2019 | By Dan Blum

Since my Q3 update on the Rational Cybersecurity book project I’ve reached an important milestone. Take a look…

My goal is to get to a final draft (after rewrites) before the year’s end.

I’m also grateful to have… Continue reading →

Posted in Dan Blum, Rational Cybersecurity | Tagged rational cybersecurity

Rational Cybersecurity Q3 Update

Published August 26, 2019 | By Dan Blum

Since my Q2 update on the Rational Cybersecurity for the Business book project I’ve continued to forge ahead, completing another 3 draft chapters. My goal is to get to final draft (after rewrites) before year’s end!

Rational Cybersecurity for… Continue reading →

Posted in Dan Blum | Tagged rational cybersecurity

Rational Cybersecurity Q2 Update

Published May 20, 2019 | By Dan Blum

Since launching the Rational Cybersecurity for the Business book project to kick off the New Year, I’ve made great progress, completing more than 20 security leadership interviews, and drafts for 5 of the 10 chapters.

Rational Cybersecurity for the Business’s… Continue reading →

Posted in Dan Blum, Rational Cybersecurity | Tagged governance, rational cybersecurity, risk management

Launching Rational Cybersecurity for the Business

Published January 1, 2019 | By Dan Blum

“Rational Cybersecurity for the Business,” my upcoming book, will help business and security leaders see through misinformation, FUD, and hype. It will explain how to think about our challenging problems rationally, enable bold digital business strategies, and substantially… Continue reading →

Posted in Dan Blum | Tagged cybersecurity, rational cybersecurity

rational cybersecurity

Subscribe to Blog Notifications... HERE