Explore our resources

The transformational CISO has become the bridge between cybersecurity and the C-Suite. They must effectively articulate the link between cyber…

With Blue Lava’s Security Program Management (SPM) platform, built with, by, and for CISOs to measure, optimize, and communicate the…

As your company heads into diversity month, let's discuss some of the significant benefits and practices companies can consider implementing…

We all have our own perspectives, assumptions and expectations for what it takes and what it means to be a…

When creating a security program, it's important to think beyond individual security measures and consider how your program aligns with…

Read our interview with Dustin Sachs and gain valuable insights. Learn about his critical skills, experiences, and challenges in becoming…

In part to assist new and experienced CISOs discuss the potential risks inherent in their role, the Blue Lava Community…

It's impossible to truly know what you're getting into before you start working, but there are steps you can take…

It's impossible to truly know what you're getting into before you start working, but there are steps you can take…

Bug bounty programs are an opportunity to resolve bugs when your team can’t find the issue or doesn’t have time…

Cybersecurity mentorship programs are a great way for organizations to take control of any issues they’re running into when trying…

We all have our own perspectives, assumptions and expectations for what it takes and what it means to be a…

We all have our own perspectives, assumptions and expectations for what it takes and what it means to be a…

Need some tips and tricks for Board buy-in? In this blog, learn exactly how to position your cyber security program’s…

While there are many commonalities in terms of data collected for GRC and SPM, the objectives are different. GRC documents…

We have a massive supply and demand issue that creates the “Cybersecurity Talent Challenge” The fact is, there are not…

In the spirit of Cybersecurity Awareness Month, we thought we would de-mystify a few of the tall tales and horrors…

Summer interns are an excellent resource for evaluating security vendors when you have an active project. The intern learns about…

To help CISOs measure, mitigate and communicate their cyber risks, Blue Lava has introduced a new Risk Dashboard and toolset…

This is the third of three blog posts about our recent survey on security program management. The previous posts discussed…

This is the second of three blog posts about our recent survey on security program management. The previous post discussed…

This is the first of three blog posts about our recent survey on security program management. This post discusses some…

For many, the SEC’s proposed new rules on cybersecurity are a long time coming. Read Blue Lava's reponse

So many times, I’ve personally struggled with the successful alignment of security to business objectives. Part of this challenge is…

As a typical CISO, we find ourselves with a minimum 50-hour workweek pretty much every week. The question is, where…

2020 was a banner year of transformation—whether we liked it or not—changing how we work individually and together, both on…

As emphasized by SFIA (Skills Framework for the Information Age), everyone holds information security responsibilities. Individuals and organizations need to…

Last month, I introduced you to three pillars of lessons learned that we can take with us as we move…

I recently introduced you to the Three Pillars of Lessons Learned—a three-part blog series that we can take with us…

A handful of first-time and emerging CISOs have reached out and asked for some best practices as they continue their…

A handful of first-time and emerging CISOs reached out to me and asked for some best practices as they continue…

According to Gartner, worldwide security and risk management spending may be under greater scrutiny in 2021compared to previous years. So…

How do we know we’re doing well with our security program —or if we are missing the mark when it…

We are excited to introduce you to our latest series of educational blog posts directly aimed at new CISOs. Our…

Part two of our series picks up where Phil left off and provides new CISOs advice on how to get…

Part one of our ongoing informative blog series, “Your Blueprint for Success: The Starter Guide for CISOs,” Phil Beyer, Head…

This series was written by CISOs for new CISOs. Our goal was to introduce you to the necessary steps to…

From the InfoSec leadership perspective, there’s a clear focus on vulnerabilities, attacks, incidents, and threat intelligence. From the business community…

I’m proud to announce that Blue Lava has recently been named in Gartner’s 2021 Cyber and IT Risk Management Hype…

You’re a CISO doing a bang-up job on your company’s security posture. From a technology perspective, you use all the…

As Gartner continued to release new Hype Cycles throughout July, Blue Lava was proud to be included in a total…

Blue lava is the first business platform for CISOs to manage their security program. Blue Lava guides security leaders to…

Mergers and acquisitions (M&A) create unique challenges for cybersecurity teams. Before the business transaction, cyber due diligence is necessary to…

While recently thinking on ways to help our community tackle this challenge, I ran an informal poll on LinkedIn. More…

After years of accelerated cybersecurity spending, it looks like company decision-makers are starting to pull back on the throttle. Security…

We all have our own perspectives, assumptions and expectations for what it takes and what it means to be a…

Data Privacy Day is always a good time to pause and recognize the kinship that the security and privacy teams…

The COVID-19 pandemic has affected the world over. Countries and regions have taken measures to curtail the spread of this…