98 Posts

Christophe Veltsos

InfoSec, Risk, and Privacy Strategist - Minnesota State University, Mankato

Chris Veltsos is a professor in the Department of Computer Information Science at Minnesota State University, Mankato where he regularly teaches Information Security and Information Warfare classes. Beyond the classroom, Chris is also very active in the security community, engaging with community groups and advising business leaders on how to best manage information security risks.

Written By Christophe Veltsos

Four Key Lessons From NACD’s ‘2018 Governance Outlook’ About Managing Cyber Risks

The National Association of Corporate Directors (NACD)'s "2018 Governance Outlook: Projections on Emerging Board Matters" offered key advice to help board directors engage with cyber risk management.

Where the CISO Should Sit on the Security Org Chart and Why It Matters

The CISO's position on the security org chart influences the nature and frequency of interactions the security leader will have other executives — not to mention the security budget.

Five New Year’s Resolutions to Help CISOs Improve Enterprise Security in 2018

CISOs can improve their enterprise security posture by adopting cognitive technology, educating executives, conducting incident response training and fostering a culture of security in 2018.

Long Road Ahead or Unbridgeable Chasm? Lessons From the EY ‘Global Information Security Survey’

The EY "Global Infomation Security Survey" revealed that CISOs and executives have a long road ahead when it comes to improving communication — but it is indeed a road, not an unbridgeable chasm.

Understanding the COSO 2017 Enterprise Risk Management Framework, Part 2: Combining Apples With Oranges

Organizations that follow both the COSO enterprise risk management framework and the NIST CSF can vastly improve their cyber risk oversight and management.

Understanding the COSO 2017 Enterprise Risk Management Framework, Part 1: An Introduction

The new COSO enterprise risk management framework offers business leaders a road map to more effectively assess, manage, review and report on cyber risks.

Take a Load Off: Delegate Cyber Risk Management Using the Three Lines of Defense Model

The Three Lines of Defense model enables board directors to be involved in the cyber risk management process without micromanaging the security team.

What Can We Learn From the ‘Global State of Information Security Survey 2018’?

While PwC's "Global State of Information Security Survey" noted that governments have improved cyber resilience, businesses still have a long way to go.

Employees Must Wash Hands: 11 Tips to Translate Awareness Into Better Security Hygiene

Due to an influx of high-profile data breaches, employees are more security-aware than ever. But that doesn't always translate to good security hygiene.

Five Ways an External Risk Adviser Can Help the Board Solve the Cyber Risk Puzzle

Executives need an external risk adviser to help them monitor the cyber risk landscape and implement, monitor and refine security controls accordingly.