Travis Wong, Resilience’s VP of Customer Engagement, and Tas Jalali, Head of Cybersecurity at AC Transit, discuss cyber insurance and business objectives.
by Nikhil Chawla
Much of operational security (SecOps) involves investing in, deploying, and managing controls and their aftermath. When those efforts tie to a bonafide security strategy we call them tactics. Apart from a strategy, SecOps efforts are at best compliance processes or at worst security theater. What makes a security strategy meaningful? A business objective. The objective we are proposing for the industry is: Making The Business Resilient To Material Losses. That objective drives goals, strategy and tactics. It’s how a companies executives, board, and security practitioners can create a business that is “Cyber Resilient By Design.”
The cybersecurity industry has a terminology problem. We’re still calling it “ransomware” when the majority of attacks no longer encrypt and request a ransom for decryption as their primary weapon. Resilience’s analysis of cyber extortion claims in our portfolio throughout 2025 reveals a dramatic acceleration in attack methods. Data theft extortion-only events rose from 49% […]
Here’s a question that should make any enterprise risk management (ERM) professional uncomfortable: How can you manage a risk you don’t even know exists? In my role leading threat intelligence at Resilience, I work at the intersection of cybersecurity and business risk. And I’ve noticed a persistent gap: many ERM professionals know cyber risk belongs […]
We’ve covered why vendor discovery matters, how to mine data streams for comprehensive vendor identification, which vendor categories are commonly overlooked, and how to implement risk-based tiering. Now comes the critical question: how do you actually implement this in your organization and make it sustainable over time? Chuck Norton from Resilience emphasizes the resource reality: […]
Spotify
Apple Podcast
Google Podcast