cyberprism

23.06.2019 Cyber assessment, cyber crime, cyber security, cyberprism, privacy, Risk assessment, security Comments Off on Hope is not a cybersecurity strategy

Hope is not a cybersecurity strategy

Take the time now to assess your enterprise cyber risk and discover where best to invest for the best defense!

Since 2013, there have been 169 cyber attacks against city/state government agencies; 22 so far this year. Of the 169, 45 targeted law enforcement

In a recent cybersecurity conference I attended, CISO panelists were asked for their #1 cybersecurity issue. Surprisingly, their answers was NOT better cyber security toolsmore cybersecurity staff (that was their second priority), or more cyber intelligence.

Their #1 answer?

More action by executives and boards of directors to do what needs to be done to help better protect their cyber assets.

Now, to be fair to those executives (public and private sector), “cyber” is just one of numerous front-burner issues they must deal with, and unfortunately taking the time to learn about and effectively address cyber risks doesn’t always make the cut – until their agency/company is attacked.

I refer to this the “911 effect“…Terrorism was a problem on September 10th; however, it took the horrific events of September 11th to get the attention and investment that others, like FBI SA John O’Neil* and others knew it desperately needed.

So, as an executive, how can you avoid the “Cyber 911 Effect” for your agency? I offer three steps:

  1. Elevate cyber risk as a priority at the executive/board level and do the work needed to better understand what your organization’s cyber risk really is;
  2. Conduct an enterprise-wide cyber security assessment to become informed for how your current cybersecurity behaviors and investments stack-up to your inherent risk; and
  3. Implement a program of continuous risk monitoring and mitigation to build stronger cybersecurity maturity against the threats you face.

What? You say you don’t have the time or funds to do these three things? Well the truth is that it’s going to cost you a LOT more time and money if you do get attacked and you don’t do them…a few examples:

  • Albany, NY – city services and police department impacted, cost not yet known
  • Atlanta, GA – city services impacted; estimates vary, $5,000,000 and $17,000,000
  • Baltimore, MD – weeks with many city services offline; $18,000,000 recovery estimated
  • FBI National Academy – websites breached, stolen PII of thousands of LEOs exposed
  • FEMA – personal information on 2.5 million disaster victims exposed by subcontractor
  • Indiana – health information of >31,000 patients exposed
  • Massachusetts – attack shuts down parts of Public Defender Agency
  • Oklahoma – millions of government files exposed, some pertinent to FBI investigations
  • Riverside, TX – 10 months of police/fire department files affected

While I’d love you to call me in (410-903-6289) to help you get it done, there are many good cyber risk assessment offerings out there. Whichever way you go, take the time and make the investment now (less than $10k) and just do it.

To learn more about my cyber risk assessment offering, please read this posting: https://www.linkedin.com/pulse/nowheretohide-now-offering-enterprise-cyber-security-risk-georgo/

Thank you…r/Chuck

* Note: John O’Neil died in the September 11, 2001 attacks on the WTC, 2001. Believe it or not, it was his first day on the job as the Chief Security Officer for the WTC compound. You can read more about him in the book Securing the City.

27.05.2019 Cyber assessment, cyber crime, cyber security, cyberprism Comments Off on NOWHERETOHIDE to launch innovative Cyber Assessment Services

NOWHERETOHIDE to launch innovative Cyber Assessment Services

CyberPrism – Cyber Assessment Tool and ServiceNOWHERETOHIDE is pleased to announce it will soon be launching an innovative and comprehensive Cyber Assessment Service offering.

Public and private sector organizations will be able to either have NOWHERETOHIDE perform an enterprise wide Cyber Assessment for them, or they will be able to subscribe to the award winning and innovative CyberPrism Cyber Assessment Tool (CAT) being offered as a SaaS application.

Use this “Contact Us” link to find out more.

Cyber Risk International recently held an executive briefing for US and European CIOs entitled Empowering the CIO with Cyber Security;  here’s a short video capturing the briefing and the post-event networking session: