Should C-level Bonuses Be Tied To Cybersecurity Posture?

Posted by:

The cybersecurity catch-22 – have you run across it? This is where, for example, you’ve found a vulnerability in a product, and you inform the affected company in a responsible way, but you never receive a response.

Or perhaps you work in the development team, and really want your employers to give you the resources you need to address a security flaw, only to see your requests shoved aside to focus on new, sexier features.

Read More →


How to get stakeholder ‘buy in’ for regular penetration testing

Posted by:

Yet another massive breach was confirmed last week, after 2.2 million patient and employee private records at cancer treatment provider 21st Century Oncology Holdings were found to be accessible to unauthorized third-parties.

Patients’ names, Social Security numbers, physicians’ names, diagnoses and treatment information, as well as insurance records could now all be in the clutches of unauthorized individuals. Ouch.

The FBI made the organization Read More →

SEC Cybersecurity Exams