By Feris Rifai, co-founder and CEO, Bay Dynamics
October is National Cyber Security Awareness Month (follow #NCSAM on Twitter), and the perfect time for cyber security pros to start shifting their cyber security programs and investments so that they focus on risk management. To assist in that effort, I sat down with Retired Brigadier General Gregory Touhill, appointed by President Obama as America’s first federal CISO, and currently President of the Cyxtera Federal Group, to get his thoughts on how to best adopt a risk management approach.
You may recall that in August 2017, we announced that Gen. Touhill joined our Bay Dynamics board of directors. Our relationship with Gen. Touhill began long ago after I read his book, “Cybersecurity for Executives: A Practical Guide.” Never had I felt so connected to an author. The book focuses on building a risk-based approach to cyber security, which includes quantifying and better managing cyber risk. Gen. Touhill recognizes that organizations can never reduce their cyber risk level down to zero, but they can better manage it by prioritizing the assets that, if compromised, would impact the mission the most.
Shortly after reading the book, I reached out to Gen. Touhill and introduced him to our Bay Dynamics Risk Fabric® cyber risk analytics platform. At that point, we both knew we were kindred spirits and had to join forces.
In this three-part interview series with Gen. Touhill, you will see I crafted my questions so that they focused on prioritized lists, similar to how Risk Fabric delivers prioritized lists of threats and vulnerabilities to stakeholders at all levels of the business responsible for taking action.
Part one of the interview was about the top three things cyber teams should be doing to implement a risk-based approach to cyber security. Check it out and remember to follow #NCSAM and #CyberAware on Twitter as well as our Bay Dynamics Facebook, LinkedIn and Twitter pages.