Cybersecurity insurance is a valuable tool for specific purposes. It is not a replacement for a proper risk mitigation program, but can displace some of the financial losses for extreme cyberattacks. Policies can provide important financial relief, but it should never be the first or only line of defense.

Check out the article by Mirko Zorz at Help Net Security magazine:  https://www.helpnetsecurity.com/2025/03/27/cyber-insurance-ciso/

What does it say about our industry when a cybersecurity compromise that, in a software supply-chain vendor creates a minor inconvenience (forcing timecards to be written down by Starbucks workers), gets tremendous visibility in the media?

Perhaps it is because it threatens our coffee addiction (me included)?
This is how society priorities cybersecurity issues!

https://www.cnn.com/2024/11/25/tech/starbucks-ransomware-attack

#DontTouchMyCoffee

I am truly honored to join the Advisory Board of MindShield to fundamentally improving cognitive defenses and protect people and organizations from cybersecurity threats and exploitation. 

We must better understand the underlying vulnerabilities at the cognitive level, to create methods and enhance solutions that are effective, efficient, and sustainably adaptable against the adversaries. 

This is the worthy challenge that MindShield will tackle and I am excited to be a part of it!

Do CISOs Want to Split Their Role?
A recent report by Trellix indicated that due to growing complexity, responsibility, and regulatory accountability, a majority of CISOs believe their role should be split into separate positions.

I don’t see a positive outcome if these roles are separated from an existing CISOs. It should not be a split, but a purposefully designed hierarchical structure under the CISO that will make leader more capable and effective in navigating and steering the risks seas.

There are many cybersecurity and privacy risks to consider, both from the user and the enterprise, when it comes to Microsoft's new OneDrive feature that will connect their personal OneDrive with their work device!

LinkedIn: https://www.linkedin.com/in/matthewrosenquist/
YouTube: https://www.youtube.com/CybersecurityInsights
Follow me on Substack: https://substack.com/@matthewrosenquist
For more Cybersecurity Insights: https://www.cybersecurityinsights.us/

We have all heard of cyberattacks against national critical infrastructures. It sounds menacing, but have we as individuals really felt the direct impacts? It is likely coming and will be brutally memorable.

As aggressive nation states ramp up cyberattacks #cybersecurity matters more every day!

The InCyber Forum Canada 2024 conference is an outstanding event, packed with multiple stages, many thought-leadership panels, and an expansive array of vendors showcasing their latest innovation.

Come to Montreal Canada, Oct 29th-30th, and check out our panel Protect your Data, Thrive in Business: Strike a Balance.

Registration is open and here is a 50% registration discount code!

Register: https://2024.northamerica.forum-incyber.com/en/pe1/pe1-home.htm
Discount code is: ININ59XU2CF3

In this episode of The Cybersecurity Vault, we discuss these changes with Ryan McBeth, an intelligence analyst and popular YouTube influencer who delves into the risks and paints a unique picture of our rapidly evolving world.

More extortions, same breach - a perfect example of how not to deal with ransomware risks. The nightmare continues for schools, students, and teachers who's private data was exposed by PowerSchool.

https://matthewrosenquist.substack.com/p/powerschool-data-breach-round-2-extortions