THE BALBIX BLOG

Musings on predictive cyber risk and resilience.

 

3 Questions Your Board Has About Cybersecurity

Let’s get straight to the point. The main question your board has is, “Are we secure?” As you know, that is an overly...

The 3 Reasons CVSS Scores Change Over Time

CVSS Scores are numeric representations of the severity of a vulnerability. CVSS scores are composed of three sub metric...

6 Challenges New CISOs Face in Assessing Breach Risk

Week 2 at the new gig as CISO of the hot company you've had your eye on for quite some time. No immediate red flags yet....

Women CISOs to Watch

I recently interviewed three women leaders in cybersecurity on what it is like to be a female leader in this typically...

How to Talk to Senior Executives About Cybersecurity

There will always be subjects that we need others to explain to us like we are five years old. Quantum Physics. Super PACs....

The Top 10 Routinely Exploited Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) recently published...

Understanding Cyber Resilience: The 4 Stages of a Breach

Software is fragile, people make mistakes, and despite robust investments, any organization can be breached. With enough...

5 Reasons to Stop Using CVSS Scores to Measure Risk

When a new software vulnerability is reported, the infosec team's first job is to determine the risk that the vulnerability...

One Tool to Rule Them All

If you were to take a 10,000 ft view of your organization’s current security posture, would you see Figure A or Figure B?

Improving Your Security Posture in 3 Easy Steps

Security posture, which is the aggregate security status of all assets in your organization, has an inverse relationship...