Harnessing AI: How Cybersecurity Leaders Can Protect Their Business
The transformational CISO has become the bridge between cybersecurity and the C-Suite. They must effectively articulate the link between cyber…
AI, Automation, Oh My: Why Human-centric Design for the Modern Cybersecurity Leader Remains Essential to Business Resiliency
The transformational CISO has become the bridge between cybersecurity and the C-Suite. They must effectively articulate the link between cyber…
Five Ways CISOs Can Succeed
The transformational CISO has become the bridge between cybersecurity and the C-Suite. They must effectively articulate the link between cyber…
Blue Lava Releases New Roadmap Reporting to Help CISOs Communicate Their Security Program Strategy and Plan
With Blue Lava’s Security Program Management (SPM) platform, built with, by, and for CISOs to measure, optimize, and communicate the…
Celebrate Diversity Month: How Diversity is Improving Security Teams
As your company heads into diversity month, let's discuss some of the significant benefits and practices companies can consider implementing…
Blue Lava Eliminates “Spreadsheet Hell” with New Cybersecurity Framework Integration Capabilities
We all have our own perspectives, assumptions and expectations for what it takes and what it means to be a…
A CISO’s guide to building a Strategic Information Security Program
When creating a security program, it's important to think beyond individual security measures and consider how your program aligns with…
Future of CISO Careers: Perspectives from a Student and Practitioner
Read our interview with Dustin Sachs and gain valuable insights. Learn about his critical skills, experiences, and challenges in becoming…
Protect Yourself: Safeguarding Your Career as a Cybersecurity Leader
In part to assist new and experienced CISOs discuss the potential risks inherent in their role, the Blue Lava Community…
The Tech Talent Race: Why trust and flexibility should be top priorities
It's impossible to truly know what you're getting into before you start working, but there are steps you can take…
CISO Careers: How to Survive Your First 90 Days
It's impossible to truly know what you're getting into before you start working, but there are steps you can take…
Bug Bounty Program: Is It Right for You?
Bug bounty programs are an opportunity to resolve bugs when your team can’t find the issue or doesn’t have time…
5 Tips for Fostering and Mentoring Cybersecurity Talent
Cybersecurity mentorship programs are a great way for organizations to take control of any issues they’re running into when trying…
Right Sizing Your Security Program and Infrastructure
We all have our own perspectives, assumptions and expectations for what it takes and what it means to be a…
How To Build Trust as a CISO With a Zero Trust Security Policy
We all have our own perspectives, assumptions and expectations for what it takes and what it means to be a…
Cybersecurity Board Reporting
Need some tips and tricks for Board buy-in? In this blog, learn exactly how to position your cyber security program’s…
Security Program Management (SPM) and Governance, Risk and Compliance (GRC): What’s the Difference?
While there are many commonalities in terms of data collected for GRC and SPM, the objectives are different. GRC documents…
Cybersecurity Talent Challenge
We have a massive supply and demand issue that creates the “Cybersecurity Talent Challenge” The fact is, there are not…
Cybersecurity Awareness Month Doesn’t have to be Scary
In the spirit of Cybersecurity Awareness Month, we thought we would de-mystify a few of the tall tales and horrors…
How Internships In Cybersecurity Can Help You Bridge The Talent Acquisition Gap
Summer interns are an excellent resource for evaluating security vendors when you have an active project. The intern learns about…
Blue Lava Introduces New Risk Solution to Further Help CISOs Communicate with their Business Leaders
To help CISOs measure, mitigate and communicate their cyber risks, Blue Lava has introduced a new Risk Dashboard and toolset…
Part Three: Conclusions and Recommendations
This is the third of three blog posts about our recent survey on security program management. The previous posts discussed…
Part Two: What are Priorities for Making Security Program Management Better?
This is the second of three blog posts about our recent survey on security program management. The previous post discussed…
Part 1: Current Practices for Security Program Management
This is the first of three blog posts about our recent survey on security program management. This post discusses some…
SEC Rules on Cybersecurity – Blue Lava’s response
For many, the SEC’s proposed new rules on cybersecurity are a long time coming. Read Blue Lava's reponse
Addressing Top Common CISO Challenges With a 3x CISO | Blue Lava
So many times, I’ve personally struggled with the successful alignment of security to business objectives. Part of this challenge is…
Learning from Experience – November Blue Lava MasterClass Takeaways
As a typical CISO, we find ourselves with a minimum 50-hour workweek pretty much every week. The question is, where…
We’re Heading into 2021… What Security and Risk Lessons From 2020 Are We Bringing with Us?
2020 was a banner year of transformation—whether we liked it or not—changing how we work individually and together, both on…
Three Security Pillars (part 1): The Most Important Parts of Your Security Culture and Program Are the People
As emphasized by SFIA (Skills Framework for the Information Age), everyone holds information security responsibilities. Individuals and organizations need to…
Three Security Pillars (part 2): Enabling and Empowering a Team to Drive Operational Efficiencies, Meaningful Results, and Business Value
Last month, I introduced you to three pillars of lessons learned that we can take with us as we move…
Three Security Pillars (part 3): Selecting and Turning the Knobs of Technology to Do What’s Right for the Business
I recently introduced you to the Three Pillars of Lessons Learned—a three-part blog series that we can take with us…
The Ultimate Plan for a New CISO’s First 90 Days
A handful of first-time and emerging CISOs have reached out and asked for some best practices as they continue their…
Life As a New CISO: Best Practices – Part 2
A handful of first-time and emerging CISOs reached out to me and asked for some best practices as they continue…
Overcoming InfoSec Budget Apprehension: 3 Proven Tips to Ensure CISO Success and Job Satisfaction
According to Gartner, worldwide security and risk management spending may be under greater scrutiny in 2021compared to previous years. So…
Words Matter: What is the Language Used Between Business Leaders and CISOs
How do we know we’re doing well with our security program —or if we are missing the mark when it…
Your Blueprint for Success: The Starter Guide for CISOs
We are excited to introduce you to our latest series of educational blog posts directly aimed at new CISOs. Our…
Your Blueprint for Success: The Starter Guide for CISOs (Part 2)
Part two of our series picks up where Phil left off and provides new CISOs advice on how to get…
Your Blueprint for Success: The Starter Guide for CISOs (Part 3)
Part one of our ongoing informative blog series, “Your Blueprint for Success: The Starter Guide for CISOs,” Phil Beyer, Head…
Your Blueprint for Success: The Starter Guide for CISOs (Part 4)
This series was written by CISOs for new CISOs. Our goal was to introduce you to the necessary steps to…
Alignment Between Business and Information Security Improves with Maturity: What’s the Impact and Which “Side” Needs to “Mature?” (Part 2)
From the InfoSec leadership perspective, there’s a clear focus on vulnerabilities, attacks, incidents, and threat intelligence. From the business community…
Blue Lava Makes the Gartner Hype Cycle for Cyber and IT Risk Management, 2021
I’m proud to announce that Blue Lava has recently been named in Gartner’s 2021 Cyber and IT Risk Management Hype…
The CISO Security Maturity Journey Starts by Connecting Technology Dots to Business Objectives
You’re a CISO doing a bang-up job on your company’s security posture. From a technology perspective, you use all the…
Gartner Confirms the Hype about Blue Lava
As Gartner continued to release new Hype Cycles throughout July, Blue Lava was proud to be included in a total…
The Blue Lava Origin Story
Blue lava is the first business platform for CISOs to manage their security program. Blue Lava guides security leaders to…
Blue Lava Simplifies Security Assessments during M&As
Mergers and acquisitions (M&A) create unique challenges for cybersecurity teams. Before the business transaction, cyber due diligence is necessary to…
2022 Just Around the Corner: It’s Time to Transform Our Security Programs
While recently thinking on ways to help our community tackle this challenge, I ran an informal poll on LinkedIn. More…
A Look at Gartner’s Report: The Urgency to Treat Cybersecurity as a Business Decision
After years of accelerated cybersecurity spending, it looks like company decision-makers are starting to pull back on the throttle. Security…
The Alignment of Business and Information Security Improves with Maturity
We all have our own perspectives, assumptions and expectations for what it takes and what it means to be a…
