Yael N

💀 Why National Cybersecurity Awareness Month (NCSAM) Secretly Sucks for CISOs October rolls around. Everyone else gets pumpkin spice and Halloween. CISOs? You get National Cybersecurity Awareness Month. Cue the groan.

It’s October. So I’m thinking about my birthday & also NCSAM. Both are underwhelming.

3 scenarios make NCSAM extra challenging:
1. You're the new CISO
2. Security is on auto-pilot
3. The company has just been through a big shift

suggestions. yasspartners.medium.com/why-national...

CISOs, You're Stuck: Here Are 3 Things to Do Now - Yass Partners The antidote starts with radically honest situational awareness. Then do these 3 things now: 1. Pep Talk 2. Anchor to Crown Jewels 3. Change

Saying what you’re (maybe) feeling and (probably) need to hear

yasspartners.com/cisos-youre-...

I know that people try and take down those whom they envy.

It still stings.

The best remedy is to have a squad. A core group to remind you that friendship actually takes years and shared experience to form.

You’re only as good as the people around you say you are.

Not just when they’re asked, but also when they’re bragging and comparing.

Strive to be who they talk about. In THAT way.

I imagine that defense may also reveal evidence of current interference. Perhaps that originated from infiltration then. At which time we will all agree: “no one is above the law.”

The Overlooked Profile of the Most Effective CISOs - Yass Partners CISO archetypes—There’s one profile no one really talks about. Not because it’s rare—because it’s easy to overlook.

If you have the opportunity to work for a great CISO… you understand this feeling..

yasspartners.com/the-overlook...

The reality is, your boss is worried that you don’t like them and they don’t know how to fix it or even discuss it.

Fmr. CISA Director Chris Krebs on cyberthreats: Expect an increase of offensive cyber activity Chris Krebs, SentinelOne chief intelligence officer and former Cybersecurity and Infrastructure Security Agency director, joins 'Squawk Box' to discuss the cybersecurity landscape, the challenges faci...

Is it just me or did this interview.. ‘take a turn..’

www.cnbc.com/video/2024/1...

This is a 2 part question. You are at a place with other people.
Also there’s a convo running in the background. Where’s that?

And what’s the topic?

a man says " this guy amirite " in front of a dark background ALT: a man says " this guy amirite " in front of a dark background

So, where’s infosec twitter hanging out on Xmas Eve?

(I suspect infosec twitter is wondering the same thing.)

Is there a gofundme ?

CISO Priorities for 2025: Budget Wisely The year 2025 promises new challenges for cybersecurity leaders. Cybersecurity remains funded, but the era of exponential budget increases…

For CISOs, success in 2025 will come from showing up as more than a security expert.

Spending priorities will shuffle. Expect to increase in consulting spend.
yasspartners.medium.com/ciso-priorit...

Onboarding guides: The last person to use it should expect to update it.

3 elements:
1. Add what was missing.
2. Remove outdated and unnecessary.
3. Clarify the confusing.

The first draft is always hard. It benefits from structured thinking and a willingness to share even with the feeling that it’s incomplete.

Managers should encourage anyone (regardless of level) who has an inkling to write a first draft to do so and give them a near term deadline.

I look forward to going to the shoe store and asking to try my new size, 8.666

CISO, Is It Time To Transition? Recognize The Signs and Transition Successfully - Yass Partners This article will discuss how to recognize it is time to leave your job because you've completed the mission and suggest how to proceed.

What if the reason you've got the CISO job blues is because you finished the job you were hired to do and it's time for you to move on?

Are you able to recognize the subtle signs? yasspartners.com/ciso-is-it-t...

Pickled Red Onions - Love and Lemons Pickled red onions add a sweet & tangy pop of flavor to salads, burgers, and more! Learn how to make them with this easy 5-ingredient pickled onion recipe.

I LOVE deviled eggs. I made them for the spring holidays - and used pickled red onion as the topper. (which btw, is a fantastic sandwich accompaniment for Tksgiving leftovers..) www.loveandlemons.com/pickled-red-...

ooooh I love these! I've only ever eaten purchased and eaten them - and they're delicious! I've never made them. Are they hard? Do you ever 'dip' them?

What should I cook?

My Thanksgiving assignment is the warm hearty finger food appetizer.

In the past I’ve made: dumplings, lamb cigars, pesto pinwheels.

Traveling to the U.K. next year? You need to get authorized online. Britain’s new electronic travel authorization, or ETA, goes into effect for Americans in January. It requires a fee even for fliers connecting through the U.K.

Planning to go to, or travel through, the UK? Don’t forget to register and pay

wapo.st/3ZnzRjA

“Which came first, skilled workers or unskilled workers?” George Carlin.

Applied to cybersecurity workforce shortage:

Cybersecurity workers are the ones expanding the definition of cybersecurity work.

But stick to doing the work they like or know.

That’s why there’s a workforce shortage.

Magazine subscriptions are such a great and easy (holiday) gift.

Hot-take: one of the fastest growing hurdles for infosecurity is the increasing distance between the researchers and the practitioners.

Both seem to be increasingly surrounding themselves with their growing echo chambers of peers.

How do you test your company's understanding (and therefore their appropriate handling) of Restricted or Sensitive information?

"If you always do what you've always done, you'll always get what you've always gotten." - H. Ford

When people say that they’re “beyond thrilled” what are they REALLY saying?

Just because you’re good at a job doesn’t mean you’ll necessarily be equally good as the manager of people doing that job.

8 categories (could probably be 5)

- strategic godfathers + hackers turned legends + tech innovators

- cloud and industry moguls

- modern war fighters

- policy enforcers

- rising wildcards + chaos agents

Chat GPT offered 18 names. And categorized them into 8 categories. Not sure I agree w the categories but the names suggested are interesting… perhaps just as interesting as the names missing.