CYGNVS

“Is it done yet?” In a major incident, 50% of the time is just spent updating people - executives, board members, legal, customers, regulators, etc. Everyone needs information, but not the same information since it's different slices for different purposes. Critically who gets to know what and when is carefully managed by the Internal and Outside Counsel to protect company confidentiality and legal privilege. A large financial services customer shared their approach which I think is a master class in updating people. They have 250 users on CYGNVS – with 80% of being from functions outside IT/Security like legal, risk, compliance, marketing, sales, etc. Their entire C-suite, including CEO and select board members, have the CYGNVS mobile app on their phones. And they have 7 tailored CYGNVS dashboards – one for the board, one for the execs, one for legal, one for compliance, etc – so everyone can access tailored, real-time updates during a crisis that are specific to their role and what information they should access. And no one has to ask “Is it done yet?” #CyberResilience #IncidentResponse #CyberSecurity #CISO #BusinessContinuity #CyberCrisis #TabletopExercise #Governance #RiskManagement #ExecutiveLeadership #OutOfBand #CYGNVS

Have you ever been part of a tabletop exercise from 35,000 feet above sea level? Interesting story from the CISO of a financial services customer. They had planned a tabletop exercise involving 37 participants including key business executives and outside counsel. The plan was to have all participants go through 9 injects in their CYGNVS Out-of-Band platform so they could “train where you fight”. The day before the exercise, the CISO had to board an international flight for an urgent personal issue. In many organizations, that might have meant postponing the tabletop. Instead, they decided to proceed and test how resilient they were without the CISO. But the CISO did participate. While in the air, the CISO received a notification that the tabletop had started. The flight WIFI was not good enough for video conferencing but he was still able to actively participate through the CYGNVS mobile app — reviewing injects, following decisions, monitoring tasks, and adding his input and comments in real time. Two hours later, the exercise concluded successfully. And the CISO went on to watch a movie! What’s interesting here is that the organization proved to itself that if this had been a real incident, leadership could still mobilize and coordinate regardless of where everyone is or what they are doing. #CyberResilience #IncidentResponse #CyberSecurity #TabletopExercise #Ransomware #BusinessContinuity#CyberCrisis #CISO #BoardGovernance #OutOfBand #CrisisManagement #CYGNVS

On a Friday around 3pm, the IT director of an international retailer was wrapping up a relatively quiet week. His phone rang. It was someone from his operations team. Systems were down. They thought it was a localized issue but more calls started coming in. Employees could not access internal systems like emails and collaboration. Everyone seemed to be locked out at once. Within 20 to 30 minutes, it became clear this wasn’t a routine outage. This was their first real major cyber incident. Everyone from the CEO and CFO was calling everyone else. The organization didn’t have a formal incident response plan. No clear playbook and they hadn’t defined roles on who would even lead this event. They also had no structured way to coordinate across their organization without resorting to personal email and WhatsApp. The CFO reached out to Marsh Risk, their cyber risk advisor, and Marsh Risk created a CYGNVS Incident Room with the Marsh Risk best practices playbook. The organization mobilized over 30 of their team members to work with each other and Marsh Risk along with external providers including a forensics firm. The crisis was not abated but they now had an Out-of-Band environment to work through the event systematically together while providing regular updates to the CEO and CFO. Within 72 hours, things were under control and the organization was on the way back to normal operations. Now they are on their way by preparing their own tailored playbooks and practicing in  tabletop exercises so when then next major incident comes their way, it will be business as usual. CYGNVS is honored to serve Marsh Risk and Marsh Risk clients for cyber resilience. Special shout out to Paty Rodríguez on a great job well done!

How much would you pay a former employee for screenshots of WhatsApp messages sent 15 months earlier? That was the reality for a healthcare organization before they implemented @CYGNVS. During a major cyber incident, their systems were compromised, so teams fell back to WhatsApp for out-of-band communication. For two intense weeks, decisions were made across personal devices while the organization worked to recover. It was painful but things seemed to go back to normal. Fifteen months later, regulators arrived and the real pain started. The regulators wanted to see: What was known? What decisions were made? Who made them? And why? The problem was that everything on was people’s devices and many of the key people involved were not with the company anymore. So the organization began contacting former employees, offering four-figure cash incentives for screenshots of old WhatsApp conversations. In most cases, the messages were gone — deleted or lost with old phones. What’s interesting is that this wasn’t really a technology failure. It was a chain-of-custody failure. Since deploying CYGNVS, they’ve managed multiple major incidents with business teams and external providers — all with a complete, defensible record of decisions and actions preserved in a system owned by the organization. Resilience isn’t just about surviving the incident response. It’s about being able to explain your response long after the crisis is over. To learn more, please visit www.CYGNVS.com #CyberResilience #IncidentResponse #CyberSecurity #OutOfBand #ChainOfCustody #BusinessContinuity #Governance

When was the last time a Tabletop Exercise really threw you a curveball? Recently I was invited to a Customer's tabletop exercise organized by the CISO with the Executives, Legal, Risk, and Compliance teams. It was virtual and being conducted in their CYGNVS Out-of-Band instance so they can “train where they fight”. Everyone got settled and were waiting for the CISO to start the proceedings. The CISO cleared his throat and said: “Today’s exercise is about a malicious insider within the management team. I am that malicious insider. So you will all go through the scenario but without me. Good luck!“ And he exited the CYGNVS conference call! Everyone was dumbfounded. For about a minute, there was total silence. And then team began to get galvanized, started looking in the CYGNVS library, and found the “malicious insider” playbook, and began to work through it step-by-step. A shaky start but they finished with flying colors.   When I caught up with the CISO afterwards, he was super excited that the team successfully managed without him. That is what true resilience is. Resilient against crises but also against the loss of key personnel. #CyberResilience #TabletopExercises #IncidentResponse #Leadership #BusinessContinuity #CrisisManagement #OutOfBand

Where were you when your organization experienced a major cyber incident? Here is a story from one of our customers. A cybersecurity leader at a customer was on vacation with his family at Disneyworld, waiting in line for the Avatar ride. Five minutes into the line, he received a notification on his CYGNVS mobile app. An employee with access to highly sensitive information had clicked on a phishing email that deployed malware on his laptop which was spreading laterally and going after confidential information. A major incident was called, an Out-of-Band Incident Room in CYGNVS had been created, and the team was mobilizing. About two months prior, 23 people had run a tabletop exercise in CYGNVS based on a similar scenario and now it was the real thing. They used to have a 200-page paybook but that is now instrumented as step-by-step guidance by role inside their Out-of-Band platform. While standing in the Avatar line, the cybersecurity leader put on his AirPods and started an Out-of-Band conference call with the team and execution was underway. He kept monitoring his team's activity on a constantly updating dashboard on his mobile app and in a little over 45 minutes, the all-clear was sounded. He had just resolved one crisis but had another to deal with. His daughter was upset that they still had not reached the front of the Avatar line. At CYGNVS we are honored to help our customers become Cyber Resilient by turning major crises into business as usual. Or in this case – while waiting in the Avatar line. #CyberResilience #IncidentResponse #CrisisManagement #CyberSecurity #OperationalResilience #Leadership #Preparedness #CYGNVS

What we’re seeing across industries is that cyber incidents don’t stay contained within one organization. They cascade across the ecosystem. Thanks to Marsh Risk for inviting CYGNVS to run a an interactive tabletop exercise at the Marsh Aviation Summit with senior executives from airlines, airports, OEMs, and service providers. The scenario was simple. A ransomware attack hits a ground-handling vendor late on a Friday. The challenge is not detection. It’s coordination. Their systems are down. The airline needs answers. Multiple organizations are now involved, each with their own tools, protocols, and constraints. What ends up happening is familiar. People fall back to WhatsApp groups, personal phones, and ad hoc channels. That’s where things start to break. Decisions get fragmented. Context is lost. Sensitive conversations and evidence spread across personal devices, often across company lines. What this highlights is a broader issue. Ecosystems are not designed to respond together under pressure. That’s why Out-of-Band matters. It creates a neutral, secure environment where organizations can coordinate when primary systems are unavailable or compromised. Not just within a company, but across them. If your operation went down tonight due to a cyber incident, what does your first hour actually look like? Learn more at https://lnkd.in/gPrgWU5f #CyberResilience #AviationSecurity #IncidentResponse #CrisisManagement #CyberSecurity #RiskManagement #OperationalResilience #TTX #MarshAviationSummit

A critical aspect of incident response is how quickly everyone can be mobilized when a major incident occurs. We recently saw this play out with a 11-figure-revenue customer who signed with CYGNVS and a week later had a major event that took down and compromised their critical systems including comms. This is exactly the scenario most organizations worry about, where the response is stalled since the systems that you rely upon are either down or compromised. Post signing, 2 employees were onboarded to CYGNVS – with the plan of adding others over time. But now the incident was upon them. Within minutes, the two employees on CYGNVS created an incident room and began mobilizing the response: 🔹 116 internal users from various business functions were onboarded in less than 60 minutes 🔹 42 external users from 5 external providers (legal counsel, forensics, etc) were also onboarded And they were off and running with teams executing the response in a 24/7 manner following the Sun. Core systems were restored within a few days but the incident response continued in CYGNVS for another eight weeks because the customer wanted to manage chain of custody and attorney client privilege through the entire recovery and reporting process. If a major incident occurred, could your organization mobilize 116 internal users and 42 external provider users in minutes? We would love to show you how CYGNVS can help. Visit: https://lnkd.in/d-kU7aUh. #CyberResilience #IncidentResponse #CyberSecurity #CrisisManagement #BusinessContinuity #Resilience #CyberRisk #OutOfBand #Preparedness

We’re excited to welcome Bret Baumbach as VP of Sales at CYGNVS. 🎉 Bret joins us from another Andreessen Horowitz portfolio company. We are excited to have his expertise and track record of building and scaling high-performing teams in new use cases and markets. We’re excited to have Bret join us on our mission to help the world’s organizations achieve cyber resilience through prepare, practice, respond, and report. #CyberResilience #Leadership #SalesLeadership #GoToMarket #CyberSecurity #Growth #Resilience #CYGNVS

At our RSA 2026 panel event, one message came through loud and clear: CISO liability is a growing reality. As cyber risk continues to escalate, so does individual accountability for security leaders. The conversation focused on why CISO liability insurance is quickly becoming a critical layer of protection, helping leaders navigate increasing regulatory pressure, legal exposure, and board-level expectations. A huge thank you to our outstanding panelists from AIG, Marsh Risk, and Zscaler for sharing their insights, experiences, and candid perspectives. It truly made for a meaningful and engaging discussion. And thanks to everyone who took time out of an incredibly busy RSAC Conference to join us in person. 📣 For more information on CISO Liability Insurance included as benefit to CYGNVS customers: https://lnkd.in/eAvYGm2z #CyberSecurity #IncidentResponse #CyberResilience #RiskManagement #CYGNVS #CIRM #DataBreach #CrisisManagement #CISOInsurance