Microsoft released patches for legacy systems affected by WannaCrypt attacks.
The author and RAND researchers recently wrote a paper detailing their findings on how cyber insurers understand and price risk.
Major General Brett I. Williams discusses the distinction between cyberwarfare and information warfare. The distinction can be important!
Solomon Smith and I presented at the Spring ISACA meeting in Iowa City, IA today on cyber education.
The University of Washington has developed a set of 42 playing cards for modeling security and privacy threats. The cards encourage you to brainstorm about potential threats along 4 dimensions:
You may print the cards yourself or request them from the university.
This article has some very good insights regarding what board members say they want and what they are getting from CISOs. They still tend to be skeptical of risk presented as loss predictions in dollars. Storytelling still has an important role to play.