Cybersecurity and the Resilient Mindset

Posted on July 17, 2017 at 10:37 am

By Cindy Fornelli If you spend some time around the issue of cybersecurity, it won’t be long before you encounter the notion of resilience. “Cyber resilience is a public good,” observed a 2017 white paper from the World Economic Forum. A 2013 Presidential Policy Directive declared that “it is the policy of the United States […]


Posted on July 10, 2017 at 10:30 am

(WASHINGTON, D.C.) – The Internet Security Alliance (ISA) announced today that they and the Cyber-Security Council of Germany will kick-off a series of collaborative activities designed to strengthen international cybersecurity with a joint event at the National Press Club on October 25, 2017. “It is critical that the two largest western democratic countries work together […]

View from the C-Suite

Posted on July 6, 2017 at 11:25 am

ONE RUNS MARATHONS. Another writes young adult sci-fi. Still another embraces efforts to end homelessness, and a fourth splices in college teaching while managing an eight-country digital asset portfolio. All arrived at the C-suite by divergent paths. Yet in frank conversations about the future of the job and trends for the information security field, some […]

Eye on Atlanta: Larry Clinton, President, Internet Security Alliance: A Roadmap for Improving Cyber Preparedness

Posted on July 5, 2017 at 11:54 am

As company leaders have become better educated about the evolving nature of cyber threats, preparedness for addressing cyber risks has continued to improve. According to PwC’s The Global State of Information Security Survey 2017, 50% of organizations now share with and receive more actionable information from industry peers. Meanwhile, as corporate boards have become more […]

Petya Provides Context for Briefing Council on Foreign Relations

Posted on June 29, 2017 at 10:00 am

It appears the dust was just settling from the global impact of the WannaCry ransomware attack when a new culprit Petya (or not Petya) struck. Among the disturbing characteristics of these attacks is their vast international impact. Desperate for a silver lining, this happens to be a great backdrop for my previously scheduled briefing digital […]


Posted on June 28, 2017 at 4:49 pm

(WASHINGTON, D.C.) – Internet Security Alliance President Larry Clinton will be the featured speaker at the meeting of the Council on Foreign Relations Roundtable on Digital Policy at noon, June 29th.  Mr. Clinton will speak on “US Government Efforts to Improve Cyber Security” “The latest massive cyber-attacks only highlight the need for industry and government […]

Maintaining Cybersecurity During Mergers & Acquisitions

Posted on June 27, 2017 at 10:56 am

Mergers and acquisitions are risky times. Headlines treat the combination of companies as job done after the announcement, but insiders know combining operations is no easy task. These days, add cyber risk to the list of prime considerations companies should weigh before, during, and after any M&A decision. Companies involved in transactions are often prime […]

Board Directors Need to Have Discussions on Which Risks to Avoid, Which Risks to Accept, and Which to Mitigate Through Insurance

Posted on June 22, 2017 at 11:06 am

Total cybersecurity is an unrealistic goal. Cybersecurity is a continuum requiring strategic decision-making about where and how to spend security dollars. Attempting to guard every system equally is a recipe for exhausting the budget on low-priority systems. And it’ll result in bad security, since the company’s crown jewels will lack the sophisticated protections they need. […]

Directors Need to Set the Standards and Expectations for Management to Establish Well-Staffed and Well-Funded Cyber-Risk Framework

Posted on June 20, 2017 at 10:44 am

Much like any response plan, a cybersecurity framework is only successful if it is well-staffed and well-funded. Otherwise, it simply will not be able to adequately handle the stresses caused by a breach. In a world where malware and ransomware are increasing both in frequency and severity – Wannacry, for example, affected 200,000 computers in […]

Boards Need Access to Adequate Cybersecurity Expertise – And Need to Give it Adequate Time on Meeting Agendas

Posted on June 19, 2017 at 12:56 pm

Cyber literacy can be considered similar to financial literacy – not everyone on the board is an auditor, but everyone should be able to read a financial statement and understand the financial language of business. As we all know, cybersecurity is very much a moving target. The threats and vulnerabilities change almost daily, and the […]