Jerald Dawkins is the Chief Technology Officer (CTO) for CISO Global and has founded and exited several cybersecurity companies, including True Digital Security and TokenEx, LLC, both based in Oklahoma. (True Digital Security was acquired by CISO Global in January 2022.) He currently holds three (3) patents in the cybersecurity field.

As we near the halfway point of 2024, it is apparent that the epidemic of extortionary cyber attacks will continue unabated into the foreseeable future. Now more than ever, I believe that until organizations adopt cultural approaches to cybersecurity, breaches will continue to wreak havoc on companies and industries.

As we near the halfway point of 2024, it is apparent that the epidemic of extortionary cyber attacks will continue unabated into the foreseeable future. Now more than ever, I believe that until organizations adopt cultural approaches to cybersecurity, breaches will continue to wreak havoc on companies and industries. But why is this? There are far too many reasons to enumerate here, but in my experience the biggest factors are.

In today’s digital age, organizations are often crippled by a cybersecurity environment that is fragmented and complex. The jumble of security data — from intrusion detection systems to vulnerability management platforms and more — scattered and isolated across various tools, hinders a unified approach to security.

Spring cleaning is no longer just about spotless windows and gleaming floors. In the digital age, businesses need to consider the clutter accumulating in their virtual filing cabinets too. A corporate digital spring cleaning can breathe new life into your organization’s online presence and data management practices.

Sequels, bah! Usually, they are never as good as the first. Do not even speak of prequels! This is less of a sequel, and rather should be considered a continuation of the first blog. In line with the original blog, there will be a few references to Tolkien’s Lord of the Rings. So, without further ado, you have my sword, and you have my bow, and my axe, or, at the very least, some of my NIST CSF 2.0 insights.

In an age where manufacturers have decided that just about every device needs to be “smart,” it’s becoming difficult to avoid the data collection and privacy invasion that are often baked into these devices. We have come to expect that smart phones and speakers with built-in digital assistants are always listening, and data collection practices between companies can vary significantly.

The concept of enterprise-wide ad blocking always provokes a powerful response. Whenever I suggest, even casually, that the next step organizations should take to improve cybersecurity posture is implementing enterprise-wide ad blocking, I can hear the collective screams of sysadmins and help desk personnel everywhere — Websites could have compatibility issues! How will we manage it? Users won’t understand! It could be a help desk nightmare! And you know what? They are absolutely right.

In a recent episode, 60 Minutes brought national attention to the growing threat of ransomware attacks, considered by many to be the greatest current threat to the United States and global economies. More than just informative, the narrative was a chilling glimpse into the depths of the cyber underworld. Forget the stereotype of a hacker, surrounded by energy drinks and empty pizza boxes, tinkering alone in the basement.

The National Institute of Standards and Technology (NIST) released version 2.0 of the Cybersecurity Framework (CSF) on February 26, 2024. The original version was released in 2014, one year after Executive Order 13636 was signed on February 12, 2013. This executive order was written to improve critical infrastructure cybersecurity, streamline the sharing of threat information, and to drive action towards developing a cybersecurity framework.