#266 – REVENGE OF THE NERDS – DAN SHOEMAKER

Something is brewing out there in nerd-land that is potentially dangerous to you and me. The concern centers on the Gerrymandering of the field that is presently going on in DC. Whether it is intentional or not, the logic goes like this.

  1. The functions in our critical infrastructure are enabled by computers.
  2. So, if the computer is secure then the infrastructure is secure.
  3. Computers are electronic devices.
  4. Electronic devices obey physical laws.
  5. Therefore the discipline that underlies the security of our infrastructure is science.

#179 – FUTURE OF DIGITAL TRANSFORMATION – GREG CARROLL

Senior management have to come to grips with the fact that Digital Transformation is not an Event but rather the operating environment of 21st century business.

Like music, photos, TV, and data, once something becomes digital it becomes a consumable and moves from the domain of the specialised expert to a public commodity. As with Blockbuster, Borders, Capitol Records, and newspapers, businesses based on non-digital products are the hand-crafted hobbies of the 21st century. Craft markets will exist into the future, but they are generally not profitable and are rather a labour of love.

#86 – IMPROVING CYBERSECURITY AND THE CHALLENGE OF IMPLEMENTING THE NIST FRAMEWORK – ANDREA STROUD

In an earlier blog post, Ed Perkins, the developer of the Certified Enterprise Risk Manager® – Cyber Security™ certificate, described the current cybersecurity landscape for industry and provided an overview of the U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework. In this second half of APQC’s conversation with Perkins, he discusses how organizations can use the Cybersecurity Framework to address risk.

#86 – WHAT SHOULD COMPANIES CONSIDER ABOUT POTENTIAL CYBERSECURITY RISKS? – BECKY PARTIDA

APQC recently spoke with Ed Perkins, the developer of the Certified Enterprise Risk Manager® – Cyber Security™ certificate, about the current state of cybersecurity and the introduction of the U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework. This post presents the first half of the interview, in which Perkins describes the cybersecurity landscape and introduces the NIST framework.

#71 – ISO 27001: INTRODUCTION AND THE ROAD TO CERTIFICATION – VINCENT PALERMO

Publicly announced breaches of secured information are so common today that they almost seem routine. Last year, in the United States alone, financial companies like JPMorgan Chase and retailers such as Target and Home Depot were victimized by information system hackers who allegedly gained access to the confidential data of millions of businesses and consumers.