Category Archives: General

Taking the Fifth …

– “The Fifth Domain” is a recent book by Richard A. Clarke and Robert K. Knake. It is about cybersecurity and how it has become the fifth military domain following land, sea, air and space. Except that it isn’t really, n’est-ce pas? While intellectually one can imagine a fifth domain, it’s…

Pretending about Cybersecurity Risks

– I have written a couple of columns comparing cybersecurity risk management to managing climate change—one with the title “Cybersecurity Climate Change” (December 10, 2018), and the other “The Cybersecurity Paradox” (June 19, 2019)—and here’s another column on the topic. It was…

Are Ransom Payments Supporting Terrorists?

– Organizations, particularly those that recognize that they don’t have essential security and data recovery measures in place, have taken out cyber insurance, which they are regularly using to pay off ransomware attackers. I find it curious that these insurance companies seem to be willing to pay…

“All for One and One for All”

– … So chanted the Three Musketeers. One of my main issues with cybersecurity risk management is that organizations seek to secure their own systems, data and networks, hoping that attackers will move on and attack more vulnerable victims. I have heard this notion explicitly stated by senior…

Cybersecurity is Failing—Time for a Reset?

– When you read what’s happening in cybersecurity, you could cry. We are being bombarded with cybersecurity fails. Recent egregious examples are Equifax and Capital One. To quote an August 2, 2019 article by Tom Foremski “A dismal industry: The unsustainable burden of cybersecurity” which is…