Providing cybersecurity advisory content to startups to establish an effective cyber program

— Join former ICE and NYSE CISO Jerry Perullo as he explores the opportunities available to tech executives after retirement
View All CISOGovernanceArchitectureCyberOps
The Adversarial Podcast Ep. 1 - Snowflake, Shared Fate, and the Gili Ra’anan Model

In this episode, former CISOs-turned-founders Jerry Perullo, Mario Duarte, and Sounil Yu discuss the recent wave of cyber-attacks using Snowflake and the model of shared fate. They debate the effectiveness of banning ransom payments and explore the complexities of cybersecurity regulation, using recent events involving UnitedHealth and Jerry's former employer as case studies. The conversation also touches on the ethical dilemmas CISOs face when interacting with venture capital, highlighting pers

2024-07-01
Cyber Governance: What is Fair to Expect from Board Directors and Management? 1 of 4

With mounting pressure around cyber literacy in the Boardroom, Directors are looking for specifics around what will be expected of them. Likewise, organizations are wondering what is fair for Directors to expect of management. Drawing on experiences from both sides of the table, following are reasonable expectations that leverage Director talents to establish effective cyber oversight. I'll do this using a mnemonic to guide program governance internally and externally - TRIC: Threats, Risks, In

2022-10-17
IOCs aren't for blocking - they are for control validation

There is a misconception out there that security departments should be ingesting feeds of Indicators of Compromise (IOCs) and loading them into firewalls, endpoint software, and proxy configurations as soon as possible. This perception is amplified by product marketing focused on the task, and it's easy to get caught up in the idea that this is our mission. By the time an IOC has been published in an intelligence report, there is a high likelihood it has been neutralized. Imagine a command & co

2022-02-05