You Can’t Do It Alone

By Eric Noonan • November 26, 2014

When I was a CISO for a global defense company, I realized that a company of any significant size or complexity could never “do” security for themselves. Why can’t big companies go it alone? Partly because of specific resources and expertise that is not resident in-house and partly because of all the things that compete with delivering security, namely projects, politics, personalities, egos and all the other fun stuff that comes with being in a big company. Political correctness and all of the other impediments of a big company naturally get in the way of delivering actual security. Executives have pet projects that compete with core mission requirements and day to day security falls behind.

Couple that with an executive audience that didn’t grow up with and therefore can’t understand the threat, at least not in a way they can quantify like other business issues, and you have a recipe for excess spending on underperforming solutions. This article makes the point. It’s not the sexiest breach to be reported but I’d argue it’s the kind that most likely applies to the majority of companies. Said another way, this was work that probably could and should have been done by internal resources but there are no villains in the story. Security and IT were probably overworked and delivering some IT projects rather than actually delivering security.

I don’t think this is going to change anytime soon which is why I think deliverables-based engagements with trusted partners are here to stay.

CyberSheath Blog

How to Safeguard Your Company from Phishing

Email is so ubiquitous in our everyday lives that it can be a challenge to always be on guard when receiving messages. Each day it’s not unheard of for each member of your team to have hundreds of messages land in their inbox. How do you make sure that none…

3 Tools to Help Defend Your IT Infrastructure from Threats

With the continually evolving threat landscape and the prevalence of team members working from home, it is more important than ever to be proactive with how your company is protecting itself from cyberattacks.  CyberSheath can help. We offer services to build on all the great work you have already done…

DNS Filtering for Additional Protection of IT Systems

Phase one of securing your IT infrastructure should include protecting your endpoints and safeguarding your employees from phishing attempts. After you have implemented these controls, the next logical step is to launch a DNS filtering solution.   What is DNS filtering and why do you need it? Domain name server…

Our Trusted Partners

Tenable Microsoft Siemplify KnowBe4 ConnectWise DUO