MEDIA / BLOGS

Cyvergence

Cyvergence was founded with a mission to bridge the gap between cybersecurity and business strategy, delivering innovative solutions that protect organizations while enabling growth. In this video, we share the story of our origins, highlighting the vision that drives our work. Paired with this, a featured post from CIOlook Magazine showcases how our forward-thinking approach is redefining cybersecurity, emphasizing the innovation that sets Cyvergence apart. Explore how we combine expertise, adaptability, and a commitment to excellence to meet today’s evolving challenges.

Personal Blog

• Cybersecurity Leadership: My Unexpected Journey to Influence

External Overview

• CIO Look Magazine
• Prescient Security: Top Leaders to Follow 2025

Awareness & Training

External Video Blog

• Phishing for Answers

The CISO Corner

Welcome to The CISO Corner, a dedicated space for Chief Information Security Officers and cybersecurity leaders to explore insights, strategies, and trends shaping the industry. Here, we dive into topics that matter most to CISOs—from navigating complex regulatory landscapes to implementing effective risk management frameworks. Whether you're looking for actionable advice, thought leadership, or a fresh perspective on the challenges you face, this section is designed to empower you with the knowledge and tools to succeed in today’s ever-changing cybersecurity environment.

Cyvergence Video Blogs

• What to look for in your First / Next CISO Position

Cyvergence Written Articles

• Bridging the CISO Credibility Gap: Empowering Boards for Effective Cybersecurity Governance
• The Case for Cybersecurity as a Business Discipline
• Cybersecurity Without Assurance is Like a Ship Without a Navigator
• Knife to a Gunfight: Cybersecurity and Operational Risk: A Critical Union for Business Success
• Is Your Cybersecurity Program Sailing Without a Compass?
• Navigating Hidden Terrain: The Complex Security Landscape of Mergers & Acquisitions
• Not Knowing Your ROSI is like Solving a Puzzle With Missing Pieces
• In Cybersecurity, is the Pen Mightier Than the Sword?

External Blogs

• Risk and Reals: CISOs Need to Tell Good Stories and the Right Allies to Help Tell Them
  

Compliance

Navigating the world of cybersecurity compliance can be challenging, but it's essential for protecting your organization and meeting regulatory requirements. In this section, we break down the complexities of compliance frameworks, provide insights into industry best practices, and share practical tips to help you stay ahead. Whether you’re aligning with standards like NIST CSF, ISO 27001, or GDPR, or addressing specific regulatory mandates, this section offers the guidance you need to ensure your organization’s compliance efforts are robust, effective, and business-aligned.

Cyvergence Video Blogs

• Introduction to Cybersecurity Compliance

Cyvergence Written Articles

• Is Your Cyber Program a Rusty Old Jalopy?
• Blueprints Alone Aren't Enough: Guiding Cybersecurity To Compliance

External Video Blogs

• SOC2 & Beyond: How to Get Compliant with Multiple Frameworks with SOC2 as a Foundation
  

Training Course: Cybersecurity For Executives and Boards

Cybersecurity is no longer just an IT issue—it’s a business imperative that requires executive and board-level oversight. Our Cybersecurity Course for Executives and Boards is designed to equip leaders with the knowledge and tools to navigate today’s evolving threat landscape. From understanding fiduciary responsibilities to addressing internal politics and risk management strategies, this course provides actionable insights tailored for decision-makers. Learn how to lead your organization’s cybersecurity efforts confidently, mitigate risks effectively, and ensure resilience in the face of modern threats.

Cyvergence Video Blog

• Cybersecurity for Executives and Boards (Course Overview)

Cyvergence Written Article

• Executives and Boards: Have you Bridged the Cybersecurity Gap?
  

Cybersecurity Corporate Governance

Strong corporate governance is at the heart of effective cybersecurity, ensuring that risks are managed, responsibilities are clear, and strategic goals are achieved. In this section, we focus on the critical intersection of cybersecurity and corporate governance, providing insights into aligning security strategies with business objectives. Explore best practices for board oversight, executive accountability, and fostering a culture of resilience to strengthen your organization’s governance framework and protect its long-term success.

But we don’t stop there. At Cyvergence, we go beyond traditional cybersecurity approaches to support broader organizational needs. By incorporating enterprise risk management, risk quantification, and advanced governance methodologies, we help organizations create a holistic strategy that bridges the gap between security and business. These tools allow leaders to prioritize and quantify risks, align objectives across departments, and make informed decisions that drive both security and growth. Discover how expanding your governance practices can empower your organization to thrive in an increasingly complex risk landscape.

Cyvergence Written Articles

• The Case for Cybersecurity as a Business Discipline
• Cybersecurity Without Assurance is Like a Ship Without a Navigator
• Executives, Are you Having the Pilot Inspect the Plane Mid Flight?
• Your CISO, The Knight Safeguarding You, The CEO, from Peril
• CEOs and Boards: Navigate Cybersecurity Before It Capsizes Your Business or Career
• Is Your Cybersecurity Program Sailing Without a Compass?
• Navigating Hidden Terrain: The Complex Security Landscape of Mergers & Acquisitions
• Rethinking Business Resilience in the Wake of the CrowdStrike Incident
• Building Bridges Between Cybersecurity and Business
• How The Marriott Settlement Should Change Cybersecurity Governance
• Connecting the Financial Dots in Cybersecurity
• Executives, are you Facing Ransomware with Stone Age Tools?
• Building a Cyber Resilient Foundation Beyond Compliance
• CEOs, are you Leading Cybersecurity from the front or standing in the Crossfire?
• Value of Cybersecurity: Executives, Don't let Cybersecurity be the Hurdle That Trips Your Business
• CEOs: Break Down Silos. Build Stronger Businesses and Cybersecurity
• How Bias Affects Corporate Cybersecurity, the CEO, and the Board
• Executives, Seal the Leaks, Turn Cybersecurity Costs Into Value
• CEOs, Gain Clarity About Your Technology Risks
• CEOs, Is Your Cybersecurity Strategy Built to Support Business Growth?
• CEOs, Leading Without a Cyber-Savvy Board is like Driving Fast Seatbelt-Free

Cyvergence Video Blog

• Corporate Governance and Cybersecurity

External Video Blogs

• What the Heck is Governance?
  
• Decloaked Podcast: Featuring Matthew Webster

External Written Articles

• CSO Online: Do the Marriott cybersecurity settlements send the wrong message to CISOs, CFOs?
  
• Amazon refuses Microsoft 365 deployment because of lax cybersecurity

Governance, Risk, and Compliance

Governance, Risk, and Compliance (GRC) is critical to ensuring that your organization remains secure, compliant, and aligned with business objectives. In this section, we delve into how effective GRC frameworks can integrate cybersecurity into broader organizational risk management strategies. By understanding the complexities of regulatory requirements, risk assessments, and governance structures, organizations can build a more resilient, agile approach to managing risk. Whether you're aiming to meet compliance mandates or enhance overall governance, this section provides the insights and tools to create a robust GRC strategy that supports long-term business success.

External Video Blog

• Audit, Risk, Compliance: Synergy for Organizational Success

External GRC Report Where Matthew Is Referenced

• Sprinto: Pulse of the GRC Report 2025

Healthcare

In the healthcare sector, cybersecurity is not just about protecting data—it’s about safeguarding patient trust, ensuring regulatory compliance, and maintaining operational continuity. This section focuses on the unique cybersecurity challenges faced by healthcare organizations, including compliance with standards like HIPAA, securing sensitive patient information, and managing risks in a rapidly evolving digital landscape. Additionally, my book offers a deeper dive into healthcare cybersecurity, providing insights into best practices for risk management, incident response, and governance. With a focus on building a resilient security framework, this section and the book aim to help healthcare organizations protect both patient care and organizational goals effectively.

Cyvergence Video Blog

• US Healthcare Cybersecurity
  

External Video Blogs

• SWFLSec and SpaceCoastSec Meetup: Book: Do No Harm Protecting Connected Medical Devices
• Cyber Doctor: Protecting Patients from Unpatched Medical Devices

Identity Governance

Identity governance is a critical component of a robust cybersecurity strategy, ensuring that only authorized individuals have access to the right resources at the right time. In this section, we examine the importance of managing user identities, enforcing access policies, and mitigating the risks associated with unauthorized access. We explore best practices for implementing identity governance solutions, from user provisioning and role-based access control to ensuring compliance with regulatory standards. By effectively managing identities and access, organizations can strengthen their security posture, reduce the risk of insider threats, and ensure compliance with evolving data protection regulations.

Cyvergence Video Blogs

• Introduction to Identity Governance: Part 1
• Introduction to Identity Governance: Part 2
• Introduction to Identity Governance: Part 3

Incident Response and Forensics

When a cybersecurity incident occurs, a swift and effective response is crucial to minimize damage and restore operations. In this section, we focus on incident response planning and forensic investigations, providing insights into how organizations can prepare for, detect, and respond to cyber threats. From creating incident response playbooks to conducting detailed forensic analyses to uncover root causes, we explore the tools and methodologies that help organizations navigate crises. By combining preparedness with investigative precision, incident response and forensics empower businesses to mitigate risks, recover efficiently, and strengthen defenses against future attacks.

Cyvergence Video Blog

• Executives, are you facing Ransomware with Stone Age Tools?
  

Leadership

Effective leadership is essential in navigating the complex world of cybersecurity, where strategic decision-making and clear communication are critical to success. In this section, we explore the role of leadership in building a strong security culture, aligning cybersecurity with business objectives, and fostering collaboration across departments. We discuss how leaders can champion cybersecurity initiatives, ensure accountability at every level, and drive innovation while mitigating risks. Whether you’re in a C-suite role or leading a cybersecurity team, this section provides valuable insights on how to lead with confidence in today’s dynamic threat environment.

External Blogs

• Talent Gap Fireside Chat: Unicorn Hunting and Work Life Balance
• CYE: From Data to Defense: Building Your 2024 Cybersecurity Budget
• Risk and Reals: CISOs Need to Tell Good Stories and the Right Allies to Help Tell Them
  

Risk Management: Cybersecurity Risk and Beyond

Effective risk management goes beyond cybersecurity, integrating enterprise and corporate risk management practices to safeguard an organization from all potential threats. In this section, we explore how businesses can build a comprehensive risk management strategy that addresses cybersecurity risks while also factoring in broader operational, financial, and strategic risks. We focus on how to quantify, prioritize, and manage these risks through frameworks that align with business objectives. By integrating cybersecurity with enterprise and corporate risk management, organizations can ensure they are prepared to address both digital threats and the broader risk landscape, fostering resilience and informed decision-making across the entire organization.

Cyvergence Video Blogs

• The Basics of Cybersecurity Risk Assessments

• Third Party Risk Management: Part 1
• Third Party Risk Management: Part 2
• Third Party Risk Management: Part 3

• Managing Corporate Cybersecurity Risks: Part 1
• Managing Corporate Cybersecurity Risks: Part 2
• Managing Corporate Cybersecurity Risks: Part 3

Cyvergence Written Articles

• Beyond Inherent Risk: Aligning Cybersecurity Governance with Business Needs

External Video Blogs

• OutThink: Risk Quantification

Threat and Vulnerability

Understanding and addressing threats and vulnerabilities is essential to building a proactive cybersecurity strategy. In this section, we delve into the evolving threat landscape, examining emerging risks and the tactics used by adversaries. We also explore vulnerability management, focusing on identifying, assessing, and mitigating weaknesses in systems, applications, and networks. By combining threat intelligence with robust vulnerability management practices, organizations can reduce their attack surface, prioritize remediation efforts, and stay ahead of potential exploits. This section offers actionable insights to help you strengthen your defenses and protect your organization from the constantly changing threat environment.

Cyvergence Video Blogs

• The Basic Tools of Threat and Vulnerability

• Primer on the Threat Landscape: Part 1
• Primer on the Threat Landscape: Part 2
• Primer on the Threat Landscape Part 3