

Aggregate Risk Demystified: The Formula Every Business Needs
In this episode, we'll explore the comprehensive approach to scanning and evaluating the entire ecosystem of your application, including databases, firewalls, and routers. Discover a simple yet effective formula to aggregate the risks from hundreds of vulnerabilities and learn how to categorize these risks to support your corporate objectives and mission.

Unpacking Trump’s Cybersecurity Orders: Key Updates and What They Mean for National Security
In this episode, we delve into President Trump's recent amendments to Executive Orders 13694 and 14144, primarily focusing on enhancing national cybersecurity. I will outline six key areas of impact, including specific threat identification, secure software development, post-quantum cryptography preparations, AI in cyber defense, modernizing federal systems, and defining scope in sanctions and applications. These proactive measures aim to strengthen the U.S. cybersecurity posture against foreign threats. Join the discussion and share your thoughts on these crucial changes.

Unlocking Savings: Managing SIEM Operational Costs Effectively
Is storage really as cheap as people think? This episode delves into the true cost of storage in the context of Security Information and Event Management (SIEM) systems. We explore traditional logging practices and their impact on storage, especially with the rise of cloud computing and hybrid environments. The key focus is on identifying critical applications and underlying architectures to optimize logging processes, thus controlling operational costs without compromising security. Learn about the importance of strategic log triage and maintaining an efficient security posture in a complex IT landscape.

One Insight from 1978 Could Change Your Cybersecurity Strategy
Join Dr. B in this enlightening episode of Doctor's Advice as he delves into Stuart Madnick's 1978 argument that effective computer security requires more than just technical measures. Discover why managerial controls—like policies, standards, and procedures—are crucial for operational cybersecurity. Dr. B explains the importance of prioritizing critical systems that support corporate objectives over random vulnerability patching. He also discusses the challenges of maintaining cybersecurity in today's rapidly expanding digital landscape. Tune in to understand how mission-based cybersecurity strategies can help your organization meet its goals while protecting key assets.

Strategic Imperatives for Electric Utility Cybersecurity Amidst Heightened Geopolitical Risk
The operational and threat landscape we navigate is undergoing a period of unprecedented challenge. Our role as stewards of critical national infrastructure now extends deep into a digital domain aggressively contested by sophisticated adversaries, many fueled by geopolitical agendas. The imperative to secure our energy delivery systems against these evolving threats has never been more acute. This is not a future concern; it is the immediate operational reality.

Top Patterns of Organizational and Cybersecurity Risks (2022 - 2025)
The common patterns among the top organizational and cybersecurity risks from 2022 to 2025 are based on the World Economic Forum and Enterprise Risk Management in collaboration with North Carolina State University.

Making Cybersecurity Infectious
Power doesn't always reside in size or strength but in the ability to spread, influence, and become contagious.
And that's precisely the question we need to ask ourselves about cybersecurity: What would it take to make it infectious? How can we spread a passion for security, a sense of shared responsibility, and a commitment to protecting our digital world?

Mission-Critical Cybersecurity - It's Not Just About Protecting Data
In the face of ever-evolving cyber threats, are we truly secure? Or are we just clinging to a false sense of security while neglecting the most crucial element of all?
It's not just about protecting data; it's about protecting your organization's mission. It's about safeguarding the very reason you exist.

Protecting What Matters - A Mission-Driven Approach to Cybersecurity Risk
We live in a world where the digital and physical are inextricably linked. Every interaction, every transaction, every piece of information leaves a digital fingerprint. While offering incredible potential, this interconnectedness also exposes us to unprecedented vulnerabilities. Cybersecurity is no longer a technical afterthought; it's a fundamental imperative for any organization that seeks to thrive or survive in this modern age. But how do we navigate this complex landscape of threats and vulnerabilities? How do we build a cybersecurity risk strategy that truly protects what matters most? As with any meaningful endeavor, the answer begins with understanding our why.

From Hard to Easy - Building a Mission-Based Cybersecurity Risk Strategy
The great German philosopher Goethe wisely observed that "everything is hard before it is easy." This simple truth resonates deeply, especially when we consider the complex landscape of cybersecurity. For many organizations, the journey to a robust and effective cybersecurity posture feels overwhelmingly "hard." We're often caught in a reactive cycle, constantly putting out fires rather than proactively building resilience. But what if we shifted our perspective? What if, instead of focusing on the "hard" of reacting to threats, we focused on the "why" – the mission