Blog

CISO Hiring Strategies: Tips for Ensuring a Strong and Secure Future
Author: Justin Fimlaid
Hiring the right Chief Information Security Officer (CISO) can be a daunting task. Without standardized role and responsibility definitions, it’s difficult to identify quality CISO candidates. The challenge is steeper for those who lack...

8 Updates to the Gramm-Leach-Bliley Act (GLBA) Cybersecurity Requirements: What You Need to Know
Author: Justin Fimlaid
If you’re involved with cybersecurity initiatives in higher education, it’s important to be aware of the significant regulatory changes going into effect on June 9, 2023. In December 2022, the Federal Trade Commission (FTC) introduced final...

Three Lifelines for the New CISO: Practical Tips for Quick Success
Author: Justin Fimlaid
In a labor market where 600,000 cybersecurity jobs are left unfilled, security leaders are being promoted and recruited at a breakneck pace. Some new entrants may feel like they’ve been dropped upstream without a paddle, while others may make...

The First 101 Days as a New CISO – A Chief Information Security Officer’s Playbook
Author: Justin Fimlaid
If you’re a new CISO or starting a new security leadership gig, the first few months on the job are critical to your future success. You’ll be judged, tested by your organization and staff, and put on stage to perform in front of...

5 Reasons for Confidence in U.S. Cybersecurity
Author: Justin Fimlaid
Through three decades of increasing cybersecurity challenges and growing numbers of publicly disclosed events, there are solid reasons to have confidence that the United States will remain a leader in cybersecurity. Few countries can approach...

How the Chaos Theory Can Impact Your Cybersecurity Budget
Author: Justin Fimlaid
Effective cybersecurity is an accumulation of many small actions performed properly. When you apply chaos theory, beneficial impacts can be traced back to small changes to the initial state, but too often I see organizations making big...

Using Chaos Theory to Guide Strategic Cybersecurity Decisions
Author: Justin Fimlaid
Chaos theory is a branch of mathematics that studies the behavior of dynamic systems that are highly sensitive to both initial conditions and the most minor changes to those conditions over time. This is also referred to as the butterfly effect....

The Top 8 PWNED Episodes of 2022
Author: Justin Fimlaid
When we started PWNED in 2018, our goal was to connect with cybersecurity leaders and enthusiasts by producing a weekly podcast to address real-world security challenges. Since then, we’ve created 160+ episodes and are frequently in the top 100...

Announcing the Almanna Cyber and NuHarbor Security Polyglot Challenge
Author: Jack Danahy
It’s time to find common ground and a common lexicon to simplify security operations and decision-making. The cybersecurity market is probably one of the most innovative and fractured in all of technology. Unlike those in storage, processing, or...

Transformative Leaders are the Key to Success in SLED Cybersecurity — Get the Full Report
We spent the past year surveying senior leaders, analysts, and experts, identifying trends and successes that are defining a new generation of cybersecurity visionaries within the SLED community. During this research, it was clear that the characteristic that defines...
Improve Your Argument to Move Past Cybersecurity FUD
In the past year, we saw tremendous growth in cybersecurity, with many new professionals entering our industry. Looking to 2023 and beyond, I expect even more growth. It’s always interesting to see newcomers find their own position on cybersecurity drivers, many of...
Risk Assessments in Everyday Life
At NuHarbor, our Security Advisory experts specialize in risk assessment and consciously think about risk every day. Sometimes this is good, like when a friend extends the invite to go cliff jumping or skydiving in Mexico. Other...
The Path to Improve Your Application Security Posture
“Software is eating the world.” – Marc Andreessen (Wall Street Journal, 2011) Application security (AppSec) is the most misunderstood and underserved security challenge facing every organization, security team, and developer. No matter your perspective, the perceived...
Recruiting Your Best Security Partner
When an organization reaches a certain size or adopts a more strategic role for security in their planning and operations, they look for a Chief Information Security Officer (CISO) who can act as an advisor and a bridge between cybersecurity teams (and challenges) and...
Three Steps to Relieving the Cybersecurity Workforce Skills Gap
Across all industries, workforce recruitment and retention are more challenging than they’ve been in decades, with the total unfilled job vacancies in the U.S. more than double what it was 10 years ago. In cybersecurity, this problem has been well-documented for over...