Blog Archive


A Practical Approach to Cyber Resilience – Developing solutions (Part 3 of 3)

In the third and last part of the blog series on Practical Cyber Resilience, I will cover the Approaches, Tactics and Techniques that an organization should use when developing options for improving cyber resilience. In the previous blog, I detailed the practical five-step Cyber Resilience Analysis Process recommended both by NIST and MITRE for enhancing …

A Practical Approach to Cyber Resilience – The five-step process (Part 2 of 3)

This is the second of a 3-blog series on Practical Cyber Resilience. In the first part, I covered the four key characteristics (or guiding principles) of cyber resilience. In this blog we will review the main objectives and 5-step Cyber Resilience Analysis methodology, as defined by the NIST Special Publication 800-160, Developing Cyber Resilient Systems. Within …

Three takeaways for a Small Business from the Microsoft Exchange hack

I heard this so many times: “My company is too small to be the target of an advanced attack”. Unfortunately, this is not true and the recent cyber-attacks on Microsoft Exchange servers clearly show it. Compared to the recent SolarWinds Orion security breach that directly affected mostly large organizations, the Exchange vulnerabilities were used to …

A Practical Approach to Cyber Resilience – Part 1 of a 3 Part Series

In a previous blog, I looked at the key differences between cybersecurity and cyber-resilience, and why cyber-resilience is a better approach for organizations to follow in 2021 because it is holistic. The IT cyber-resilience is a complex objective requiring a solid understanding and a structured approach. NIST Special Publication 800-160, Developing Cyber Resilient Systems, is one …

Cybersecurity or Cyber-resilience: Which one should be the prime objective for 2021?

Given the increased dependency on digital technologies for daily operations it’s not a surprise that organizations are concerned about cyber threats and the risks these are posing to their operations. But what is the best approach to this problem? Should an organization focus on cybersecurity or on cyber-resilience? Which of the two can be consider …

Five defining moments that shaped cybersecurity in 2020

Among the many disruptions brought by 2020, cyber threats ranked in the top concerns. As we had to rely more on digital for work and social life, cyber-attacks became very real threats for most aspects of our lives: health, work, freedom, national security, and even life itself.  Here is a selection of 5 defining moments …

Accelerating Safely on the Digital Highway

I wrote this post a couple of months back but it’s highly relevant for 2021 and it’s worth being brought up again. You will also find below a reference to an interesting on-demand webinar hosted by InfoSecurity Magazine.. Despite today’s harsh medical crisis we are living great times of innovation. For the past years, digital …

Defeating supply chain attacks together

The recent security incident involving Solarwinds Orion proves that cybersecurity is a team game. We all use software developed by a wide range of providers (and we will continue to do so). Any successful attack on one of these vendors (suppliers) can have negative consequences on all users of their software solutions. Solarwinds was targeted …

My IRONMAN 140.6

“You are an IRONMAN!” These four words go through your ears and directly to your heart! It is hard to explain the feelings you have while running on the red carpet the last 20 meters of a 140.6 miles race and hearing for the first time the famous words: “You are an IRONMAN”. I can’t …

SaaS – a safer choice for SMBs

I had many opportunities to talk to stakeholders in different organizations, big and small, about software as a service and cloud services in general. A typical major concern is security. People usually fear what they don’t understand or what they perceive outsider their control. Questions like “where my data sits?” or “who has access to …

Grown-up games

Playing is an essential activity for human development. By playing children develop skills from the simplest to very complex ones. But the role of playing is not limited to childhood, on the contrary, it transitions to adult life and it continues to be part of human life until the end. I dare to say that …

The Effective Executive, by Peter Drucker – Book Review

About the Author Born in Austria in 1909, Peter Drucker is one of the most influential business writers of the 20th century. He taught management beginning with 1950 until 2005 (when he died) at New York University and Claremont Graduate University. He wrote more than 30 books on business and management, most of them translated …

Pen and paper

I do not know how many of you are familiar with the phrase “Death by PowePoint”. In a few words, it’s the terrible boredom that the audience of a slides based presentation must endure most of the times. As my brother said one day, many presentations have the “Point” but are lacking the “Power”. Not …

Social networks influence on career

We live in a hyper-connected world. Communications technology has changed the face of many industries and one of the areas significantly influenced the jobs market. Most of us enjoy the benefits of online recruitment sites through which we have access to almost all possible and impossible jobs available today in the world. There are also …