Sign in Subscribe

Brian Weidner

Brian Weidner

The Detect Function in NIST CSF 2.0: The Risk of Seeing Too Late—or Too Much

The Detect Function in NIST CSF 2.0: The Risk of Seeing Too Late—or Too Much

In NIST Cybersecurity Framework 2.0 (CSF 2.0), the Detect function represents the organization’s ability to identify the occurrence of a cybersecurity event in a timely and reliable manner. While Protect focuses on reducing the likelihood of compromise, Detect determines how quickly and how accurately an organization recognizes

The Protect Function in NIST CSF 2.0: Managing the Risk of Control Effectiveness

The Protect Function in NIST CSF 2.0: Managing the Risk of Control Effectiveness

As organizations adopt NIST Cybersecurity Framework 2.0 (CSF 2.0), the Protect function often receives the most attention—and the most budget. Controls, safeguards, and security technologies are tangible, measurable, and familiar. Yet despite significant investment, many organizations struggle to meaningfully reduce risk. The challenge is not whether organizations

Understanding the Identify Function in NIST CSF 2.0: Strategic Risks and Operational Imperatives

Understanding the Identify Function in NIST CSF 2.0: Strategic Risks and Operational Imperatives

The NIST Cybersecurity Framework 2.0 (CSF 2.0) reinforces foundational principles of managing cybersecurity risk while adapting to today’s dynamic threat and business environments. At the core of effective risk management is the Identify function — the foundational step in building a resilient cybersecurity program. Like all CSF functions,

Why Govern Matters in NIST CSF 2.0: Risks of Acting — and Not Acting — on Cybersecurity Governance

Why Govern Matters in NIST CSF 2.0: Risks of Acting — and Not Acting — on Cybersecurity Governance

The NIST Cybersecurity Framework 2.0 (CSF 2.0) represents a significant evolution in how organizations think about managing cybersecurity risk. Among the most impactful changes in this latest version is the elevation of Govern to a core function. Previously embedded in other areas of the framework, governance now stands

The Power of “Yes, And”: How CISOs Become Business Enablers Without Compromising Security

The Power of “Yes, And”: How CISOs Become Business Enablers Without Compromising Security

For many CISOs, the fastest way to erode influence inside the organization is to become known as “the department of no.” While security leaders rarely intend to block the business, the perception often forms when conversations start—and end—with constraints, risk statements, or policy violations. The more effective approach

Isolation Is Not Failure: Why CISOs Must Plan for OT Disconnect Scenarios

Isolation Is Not Failure: Why CISOs Must Plan for OT Disconnect Scenarios

Isolation is a resilience capability, not a last resort. CISOs must ensure isolation plans exist, are tested, and are integrated into business continuity planning. Executive Scenarios • Vendor compromise • Supply chain incident • National-level threat escalation Well-designed systems can isolate selectively—preserving safety while reducing exposure. Executive Insight Organizations that

Why OT Logging and Monitoring Are Executive-Level Controls

Why OT Logging and Monitoring Are Executive-Level Controls

Detection speed determines impact. OT environments are uniquely well-suited for behavioral monitoring due to their predictable patterns. What CISOs Should Ensure • Full visibility into remote access • Alerting on configuration changes • Monitoring of protocol violations • Immediate alerts on break-glass usage Executive Insight Logs that are not operationalized do not