Assorted things I’ve read, watched, or listened to:

1. Cyber insurance is no silver bullet for cybersecurity - “Regulators and businesses hope cyber insurance will drive stronger security practices. In reality, a narrow focus on mitigating financial loss makes it an unreliable solution.” Risk management is grounded in losses, and cybersecurity losses in the context of insurance are explicitly financial. Also, insurance is not intended to be a silver bullet, but one of several tools used to manage risk.

2. A simple framework for predicting where the InfoSec market is heading using cyber-insurance (Thread Reader version)

3. Reddit thread on CISO reporting

4. Outcomes are hard
