InSecurity Podcast: Kip Boyle on Determining “Reasonable Cybersecurity”

As consumers, we expect companies we purchase products and services from to adequately protect our data. Since 2002, the Federal Trade Commission (FTC) has brought 60 cases against companies that have engaged in unfair or deceptive practices that failed to adequately protect consumers’ personal data (FTC: Privacy and Data Security Update: 2017).

“Reasonable cybersecurity” is a way to look at cybersecurity through a legal lens, and allows organizations to better evaluate whether the people, process, technology, and management behind a given cybersecurity initiative have produced “reasonable” outcomes where compliance issues are concerned.

In this episode of the InSecurity Podcast, host Shaun Walsh is joined by special guest Kip Boyle, Founder and CEO at  Cyber Risk Opportunities, to discuss challenges in determining “reasonable cybersecurity” thresholds and maintaining them.

About Kip Boyle

Kip Boyle (@KipBoyle) is a 20-year information security expert and is the founder and CEO of Cyber Risk Opportunities. He is a former Chief Information Security Officer for both technology and financial services companies and was a cyber-security consultant at Stanford Research Institute (SRI).

Boyle led the global IT risk management program for a $9 billion logistics company and was the Wide Area Network Security Director for the F-22 Raptor program. He has participated in several cybersecurity war game exercises and has worked closely with various government agencies including the FBI.

Boyle is a US Air Force officer and serves on the board of directors of the Domestic Abuse Women’s Network (DAWN). He’s been quoted in Entrepreneur magazine, Chief Executive magazine, and is the co-author of Chapter 68, Outsourcing Security Functions, in The Computer Security Handbook.

About Shaun Walsh

Shaun Walsh (@cingulus) leads Cylance’s global marketing strategy, channels, campaigns, digital marketing and communications efforts.

Prior to joining Cylance, Shaun served as VP of Corporate Marketing and GM of the Ethernet business unit at QLogic, and previously served as the SVP of Marketing and Corporate Development at Emulex.

About Matt Stephenson

Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance which puts him in front of crowds, cameras, and microphones all over the world.  Twenty years of work with the world’s largest security, storage and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come before.

Every week on the InSecurity Podcast, Shaun and Matt interview leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. To hear more, visit:

iTunes/Apple Podcasts link:
GooglePlay Music link: