Holistic Cyber (HolistiCyber)

🚀 Welcome to our new member of the G-CMO Community! 🚀 Today, we are happy to spotlight Michael Yehoshua. Although he has only been in Israel for seven years only, he is already recognized as a great leader in our marketing industry. Michael Yehoshua is not one to do things halfway. As the current CMO of both SAGE Cyber and Holistic Cyber (HolistiCyber), he is a top-ranked Chief Marketing Officer known for driving record-setting sales figures. Michael's career is marked by leading marketing teams to impressive milestones, including two successful M&A exits and securing multi-million dollar revenue gains. Before his current roles, Michael served as the VP of Global Marketing at SCADAfence, where his leadership fueled substantial growth in customer acquisitions and ROI, culminating in an exit to Honeywell. At TrapX Security, Michael transformed a declining startup into a profitable industry leader, leading to an exit to Commvault. As VP of Marketing at AMC, he revitalized the company's marketing architecture, achieving revenue figures unseen for decades. Beyond his remarkable professional journey, did you know Michael was a heavy metal band's lead singer and guitarist for 5 years? He's a heavy-metal enthusiast! 🎸🤘 Join us in welcoming Michael Yehoshua to the G-CMO community! His blend of professional prowess and unique musical taste makes him a valuable addition to our network. Orit Cohen Shiri Grosbard Sophie Melnik Amitay #MarketingLeader #CMO #Membersportrait #GCMOCommunity 

It was great to see a packed room at last night’s InfraGard NJ meeting, hosted at Lowenstein Sandler LLP! For this month’s meeting, we had Fred Stuck from Cantor Fitzgerald discuss the key elements for successful Business Continuity and Disaster Recovery planning and Alon Yavin from Holistic Cyber (HolistiCyber) walked us through the challenges and solutions for securing cloud applications. Special thanks to Lauren Guillen from 24By7Security, Inc. for sponsoring this memorable event! It is an honor to be an Advisory Board Member of this fast growing InfraGard chapter and we are planning to have another in-person event soon.

After an AI company terminated an employee, it allegedly learned the employee had been transcribing work meetings using an automated transcription service which sent all of the transcribed information to the employee. See https://lnkd.in/eUFV2Ur4. The employer promptly brought a federal trade secret theft case and the Court issued a preliminary injunction requiring the former employee to return what he had allegedly taken, including the meeting minutes. https://lnkd.in/e4vS457g.    It is important for organizations to minimize the use of "Shadow Vendors"--vendors that are not being centrally managed by the organization. Why? It's hard enough to do effective third-party risk management (TPRM) with respect to the vendors you know about. It's not realistic to do TPRM on "shadow vendors" that you don't know about. Unapproved technology and vendors may be insecure and my lead to breaches, trade secret theft, and other cyber or compliance incidents. Here are five tips for minimizing the use of "shadow vendors":   1. PROHIBIT THE USE OF SHADOW VENDORS: Consider having a clear written policy precluding the use of unapproved technology. Train employees on the policy upon onboarding and at least annually thereafter.    2. MINIMIZE ADMINISTRATIVE RIGHTS: If an employee's job function does not actually require the employee to have administrative rights over the employee's laptop or desktop, do not grant such rights. This will prevent employees from downloading unauthorized and unmanaged software.    3. SEARCH FOR THE BIGGEST OFFENDERS: If you are particularly concerned about employee use of particular tools, consider forensic monitoring or searching for evidence that employees may be using these tools. For example, employees may be using a transcribing tool on a personal device, but they may store some of the transcripts on a work computer. Thus, even if you cannot detect the use of the tool directly, you may be able to detect indicia of the use on a personal device.    4. VET YOUR BIGGEST OFFENDERS: Consider conducting TPRM on your biggest offenders in this area. You may determine that a particular vendor is not as risky as you thought and you may decide to make it permissible (perhaps with certain use limitations). Alternatively, you might find that you become better able to understand and/or articulate the risk of using these vendors, which may help you convince employees to stay away.      5. PROVIDE FLEXIBLE SOLUTIONS: Today employees are very tech savvy, so if they are aware of a helpful technology solution for doing their job and the organization prohibits them from using it, they may just use it on a personal device, which may be equally problematic but harder for the organization to detect. Thus, create a simple channel for employees to openly request access to certain technology. This will give the organization the opportunity to either fully vet potentially new and helpful technology or to offer employees acceptable alternative solutions.