#ThrowbackThursday to SecureWorld's 2019 #StateOfThePhish webinar, in which I had the opportunity to share some #CISOWisdom about the use of consequence models with #EndUsers who struggle to spot and avoid #phishing emails. ow.ly/oU7g50o5W7Y

I have been involved with the Heinz College at CMU #CISO program at Carnegie Mellon University since its inception, and it is an excellent option for any #infosec-minded person interested in this career path. ow.ly/MSVC50oTLar

If you will be at the NetDiligence® #CyberRiskSummit in #Toronto tomorrow, I hope you will stop by the #CISO Round Up session at 4:15pm. I'd love to meet you in person. ow.ly/oW5a50oKNyP

I'm at the NetDiligence® #CyberRiskSummit in #Toronto today, and I'm looking forward to sharing some #CISOWisdom with my fellow panelists during the #CISO Round Up session at 4:15pm. Hope to see you there! ow.ly/s98450oKNHP

Thank you to those who planned and hosted the #CyberRiskSummit in #Toronto last week. I enjoyed connecting with other #infosec pros and sharing my own #CISOWisdom. If you have an opportunity to attend a NetDiligence® #cyber conference, take advantage! ow.ly/Q52U50pC9k4

#WednesdayWisdom: It's #SpringBreak season here in the US, and these #TravelTips - including some #CISOWisdom from yours truly - are great to share with #EndUsers, friends, and family. #cybersecurity ow.ly/7utM50pLr7K

#ThrowbackThursday to the advice I once shared with Finance Digest, which is as true now as it was then: #EndUsers should absolutely be part of #DefenseInDepth strategies. #SecurityAwarenessTraining ow.ly/aC2f50pLrut

Good to see that coordinated efforts between the #IRS, #TaxProfessionals, state #tax agencies and others have led to fewer incidents of #IdentityTheft for US taxpayers. More from Accounting Today. ow.ly/qruR50qoZ75

I generally read the Proofpoint Security Awareness Training #StateOfThePhish Report multiple times ... it's a great resource for real-world #phishing impacts and actionable advice. In my opinion, it's only gotten better over the years. ow.ly/jSY350qoZgj

I am shocked ... and, frankly, disappointed ... by findings that most orgs don't have a #CSIRP in place. Many things about #cybersecurity aren't fully in our control, but we MUST be better about the things we can control. More from ITProPortal. ow.ly/wJNi50qoZsP

As a #CISO, I (unfortunately) experienced the impact of a #NationState attack, so I can understand why #cyber insurance coverage would have seemed like a light at the end of the tunnel for these orgs. Curious to see how this plays out.  ow.ly/AA8a50rjvQg

I've posted about this before, but it's worth repeating: Prioritizing time-to-market over solid #cybersecurity is a mindset that we, the good guys, need to change if we ever hope to get ahead of the #security curve. ow.ly/SExx50rjwh7

Kudos to Google for taking action to support the #security of #MobileDevice users. ow.ly/ZAh750tbZB9

#WednesdayWisdom: This is a good example of "If it seems too good to be true, it's probably a #scam." Remind your #EndUsers that #phishing is not confined to the workplace. #cybersecurity ow.ly/rYtu50tbZCP

Some interesting findings presented in this TechRepublic article. I was personally surprised to see that #SMB execs view #SocialMedia and apps to be the biggest source of #cyber risk, as opposed to #phishing emails. ow.ly/82JM50tbZQx

#TuesdayThoughts: I have written and spoken about #GDPR quite a bit. This The Wall Street Journal story is one I will follow with interest ... and if your organization handles the #data of #EU residents, I suggest you do the same. #cybersecurity #DataPrivacy ow.ly/kFmQ50u1O9r

I’m looking forward to joining a few of my contemporaries tomorrow to discuss best practices for #SupplyChain #RiskManagement. If you’ll be attending the @CERT_Division #Cyber Law and Privacy Symposium in #Pittsburgh, please be sure to say hello. ow.ly/ob0150u1Oj0

#WednesdayWisdom: Don't make assumptions about vulnerabilities and targets, put #ThreatIntel to work for you. Learn how your org is being attacked and who is being targeted ... and use that to inform your #SecurityAwarenessTraining activities.  ow.ly/6mAn50u1Oa4

I’m #Chicago bound today to attend the May 9 Data Connectors #Cybersecurity Conference. If you’ll be on the #MagnificentMile, be sure to join me and a few of my peers for the "Secrets of Superstar #CISO Success" panel discussion at 4:20pm. #CISOWisdom ow.ly/tnPZ50u1Ol8

#DYK that a successful #cyberattack generally forces #physicians offline for 4 to 24 hours? #ThrowbackThursday to the time I spoke with HealthITSecurity about the tools #healthcare IT teams can use to fight #phishing and #ransomware. ow.ly/cHcu50u1Obk