In this Spotlight podcast* we’re joined by Andrew Jaquith, the CISO at QOMPLX to talk about how the COVID pandemic is highlighting longstanding problems with cyber risk management and cyber resilience. We also talk about how better instrumenting of information security can help companies get a grip on fast-evolving cyber risks like human-directed ransomware campaigns.

There has been much speculation about what the long term impact of the COVID 19 pandemic will be on the private sector. Already, business leaders and investors are betting that the forced, mass experiment in remote work will produce long term changes in how companies manage their workforce.

Andy Jaquith is the Chief Information Security Officer at QOMPLX Inc.

But one byproduct of the shift to remote work is already clear: a marked increase in cyber attacks on corporate environments that take advantage of employees’ anxiety about the virus and lax home office security.

Episode 151: Ransoming the City with Cesar Cerrudo of IOActive

Ransomware’s Dangerous Rise

Among the most scary of those attacks are so called human-directed ransomware attacks, which have sidelined sophisticated organizations ranging from the fin-tech startup Finastra to DMI, a cyber security contractor that counts the US space agency NASA as a customer. 

Episode 107: What’s Hot at Black Hat & does DHS need its new Risk Management Center?

What’s to be done? Our guest In this spotlight edition of the podcast, Andy Jaquith, says that COVID is exposing some rifts in corporate cyber security.

New Tech Meets Old Tools

While the ways in which organizations deploy and use technology has changed dramatically in the last two decades, the ways that they measure and account for cyber risk have not. 

Andy is an amazing resource on all matters cyber security. A former Managing Director at both JP Morgan Chase and Goldman Sachs, he was also the Chief Technology Officer at the firm Silver Sky, a cloud-based MSSP.

Episode 185: Attacking COVID, Protecting Privacy

In this conversation, Andy and I talk about how COVID is highlighting larger issues around cyber resilience. We also talk about Andy’s new company, QOMPLX, which is working to improve ways to instrument cyber security with an eye to improve both cyber defense and risk management. 

To start off, I asked Andy about his storied tenure in the cyber security field including his work as an analyst for Forrester and his stint at the seminal cyber security firm, @stake. You can listen using the embedded player above, or by downloading