The CISO’s Guide – How to Talk to Your Board & C-Suite About Cybersecurity

how to talk to your board

Cybersecurity has become a business topic taking more prominence in the boardroom. A global survey conducted last year named cyber-attacks and data loss as the top two risks concerning directors & officers due to the pandemic-related changes such as work from home, hybrid working environments, and cloud technology transitions. The survey covered the USA, UK, Europe, […]

The Executive Board and the Virtual CISO


Cybersecurity fears are escalating. Cybercrime in the post-pandemic world has skyrocketed, and nation-state grade threats sit on every organization’s doorstep. Four out of five organizations report an increase in cyber threats since the start of the pandemic. Those fears are intertwined with supply chain attack headlines and apprehension of nation-state cyber threats emanating from the […]

The Russian Cyber Threat & How to Mitigate the Risks

russian cyber threat

In the buildup to Russia’s Ukrainian invasion, nearly every media outlet and cybersecurity specialist – including us – warned that a Russian war would inevitably spill over into cyberwarfare. Two days before the attack, Britain’s National Cyber Security Centre (NCSC) warned of “international consequences” and called on UK organizations to “bolster their online defenses.” On […]

Overcoming the People Shortage

cybersecurity expert shortage

Earlier this year, HolistiCyber’s CEO, Ran Shahor, shared his thoughts on the biggest cybersecurity threat. It’s not the Russians or Chinese; it isn’t even supply chain attacks. While those are serious threats that organizations need to prepare for, the biggest threat is the lack of certified, experienced cybersecurity professionals. It is somewhat ironic. We often […]

A Perfect Cybersecurity Storm is Brewing

cybersecurity storm

There’s a storm brewing in cybersecurity that may reshape the priorities of the entire industry over the next couple of years. Four macro-trends coming together at the same time: 1) Use of 𝘀𝘁𝗼𝗹𝗲𝗻 𝗰𝗿𝗲𝗱𝗲𝗻𝘁𝗶𝗮𝗹𝘀 𝗮𝗻𝗱 𝗽𝗵𝗶𝘀𝗵𝗶𝗻𝗴 now represents the most commonly used attack vectors in successful breaches. 2) 𝗥𝗲𝗰𝗲𝘀𝘀𝗶𝗼𝗻 is looming if not already upon […]

Keeping Assets Secured In the Entertainment Business

securing entertainment industry

In our previous post, we looked at some of the major hacks that struck the entertainment industry and identified the industry’s reliance on third-party providers as a major vulnerability. Today, we’ll look at the steps the entertainment industry needs to take to protect assets from potential threats. As always, the industry needs to balance security […]

A Breath Of Fresh Air For A Busy CISO


We’ve all been there. As Chief Information Security Officer (CISO), your team, your management, and your board are all clamoring for your time. Not to mention the dozens of items calling you from your inbox and notification dashboards that all are demanding your immediate attention. The threat landscape is rapidly changing, with warnings being issued […]

Ran Shahor: The Greatest Cybersecurity Threat is Not What You Expect

cybersecurity missing piece

The world of cybersecurity is facing perhaps one of the biggest challenges it has ever encountered. I’m not talking this time about ransomware, Log4J, phishing, or any other attack, but a crisis of PEOPLE. For decades, I have been speaking about the need for training and cultivation of cybersecurity experts; so much so that I […]

Entertainment & Media – The Next Big Cyber Attack Target?

entertainment & media cyber attack

On November 24, 2014, Sony Pictures employees discovered that the company’s network had been hacked. Attackers stole terabytes of data, deleted the originals off computers, and threatened to release the information they stole. Over the next few months, the hackers posted four previously unreleased films and thousands of documents onto the public web. Internet users […]