Month: October 2017

We at Ambassador Solutions are excited to share our new community of InfoSec executives–CISOnation.   We’re working together to keep our organizations’ information safe and secure, while leveraging our InfoSec assets to formulate a Unique Security Selling Proposition™! The Equifax “Mother Of All Breaches” (MOAB) shows us the risk of not being secure or prepared is greater than ever. That’s where the CISOnation comes in.

The CISOnation is all about the people, products and services required to address the No. 1 threat to our nation’s future—and therefore every organization within it. We connect companies with InfoSec executives, including corporate boards who increasingly need an outside CISO perspective on the business.  We are all about the people who stand vigilantly as watchmen on the cyber walls that must protect us.

An important part of our mission is helping organizations develop their Unique Security Selling Proposition™ (USSP™). Having a USSP™ that leverages InfoSec assets will help forward thinking firms separate themselves from their competition. It’s time to play offense with cyber security.

We Know CISOs: IT’s All About the People!

Few jobs are more challenging than being a CISO in America today. The hours can be brutal and the pressure relentless. Because the bad guys never sleep, the CISO sleeps fitfully through nights that are all too short. Rising before the sun, he/she pours a cup of coffee and begins pouring over the reports that reveal just how bad the bad guys were during the night….

How do we know? Because we know CISOs. We’re already connected to nearly 1,000 CISO candidates across the country and will triple that number by year-end. We not only help organizations find the right CISO for them, but then we serve those CISOs with downstream products and services that help them excel in their positions.

We’re here to serve the CISOs of America and those who cannot survive without them. We have the tools and the people to help CISOs stay on top of the latest best practices. If you’re a CISO or aspiring to be, we invite you to join us at CISOnation.

Contact us today to learn how we can help you find the right company and create your own USSP™. Subscribe to our newsletter to receive the latest CISO news, then reach out to our founder, Brad Lindemann, via LinkedIn so you can learn more about CISOnation where … United We Stand Secure!

 

 

Bloomberg on Equifax Hack

So much has and will be said about this MOAB (Mother Of All Breaches), we won’t attempt to further expound here. Just wanted to make sure the CISOnation saw this well done and comprehensive piece by Bloomberg.

Read Article

---

Cybersecurity Disclosure Act of 2017 (S.536)

Whether S.536 every becomes law or not, public and large private company boards will soon be adding external CISOs to their boards voluntarily. If I chaired such a board today, I would not only do that, but I would require that our internal CISO sit on another company’s board to broaden his/her InfoSec horizons.

Learn More

Indy’s own, DEFCON CYBER™, is a comprehensive cybersecurity awareness and compliance platform.  It vigilantly monitors InfoSec environments according to Best Practices (National Institute of Standards and Technology Cybersecurity Framework), then alerts customers according to their priorities to better protect their information.  This is achieved by:

– Discovering the unknowns in InfoSec operations and measuring the risk of time to resolve problems, such as:

• Asset Management: Servers operating in a distributed environment going unnoticed because they’re not on anyone’s inventory list
• Prioritization: Notifications of devices plugging into networks not getting immediate attention
• Awareness: Unaware of machines not loaded with the corporate antivirus software
• Resource: 14 system dashboards being monitored by one person

– Applying decision-making logic and context to formalized response workflows and enabling informed remediation prioritization.

– Reconciling the critical notifications of multiple security technologies by connecting the organization’s business cybersecurity risk strategy (represented by its prioritized best practice outcomes which overlays industry controls such as ISO 27000, COBIT, NIST 800-53, etc) with the existing security technologies it has in place.

– Correlating and rationalizing data from multiple security sensors to save time and resources.

– Prioritizing security operations’ incidents, automating and tracking response and remediation, while measuring the related risk.   For more information on how DEFCON CYBER™ works, download their “How it works” PDF.

Learn more about DEFCON CYBER™.

For a personal introduction to a DEFCON CYBER™ representative, please contact us.

Upcoming Product Spotlight: AppGuard

We’re doing due diligence on this product and would welcome input from anyone with insight or experience with it…or the people behind it.

Learn more about AppGuard.

If you have experience with AppGuard, please contact us.

Video Transcript

Hello, my name is Brad Lindemann, CEO of Ambassador Solutions and Founder of the CISOnation. Today, I want to talk about why every CISO in America should be on the board of at least one company other than their employer.

If you’re not aware of pending U.S. Senate Bill S.536, the Cybersecurity Disclosure Act of 2017, you should be. It effectively mandates that each of our 4,000 plus publicly-held U.S. corporations has a CISO on its board of directors. Whether it becomes law or not, we don’t have to look further than the recent Equifax fiasco to see the wisdom of such a mandate. After all, every CISO I’ve ever spoken with believes that our nation’s greatest threats are coming at us via cyberspace.

When a CISO assumes an outside board seat, both their employer and board benefit from the additional knowledge gained and transferred. Such a move will also be a career catalyst for the CISO, never mind the nice boost in income. The median pay for an independent board member of an S&P 500 company is over $255,000 per year, according to a 2016 Fortune study of data from MyLogIQ and regulatory filings (Fortune 2/24/16).

Here’s what I believe companies should be looking for in a CISO board member:

• current employment at a public company, if the company is public,
• someone with an employer in a non-competing business of similar or larger size and scope,
• a person who hasn’t been referred by any company executive or board member, because his or her seat must be the most independent of all,
• someone who has been battle-tested by having lived through a significant breach,
• excellent communications skills,
• a person who is business savvy,
• board room experience with their current employer, and
• a spotless background-check.

This is why we’ve added CISO board members to our executive search offerings, and why we welcome every member of the CISOnation as a potential candidate. Also, don’t limit your thinking to public companies. Private companies will also begin to see the wisdom of CISO board membership.