Archive - The Cybersecurity Compass

Transparency in Cybersecurity: The Email Security Case

Cybersecurity is a massive market today — with more than 4,000 vendors all vying for attention.

Jul 25 •

Juan Pablo Castro

What Is Strategy in Cybersecurity? Rethinking the Way We Lead, Protect and Adapt

After exploring foundational topics like cyber risk, resilience, communication, and how we think and explain cybersecurity, I realized there was still…

Jul 14 •

Juan Pablo Castro

Cyber Risk Is the New Perimeter

After more than two decades in cybersecurity, I’ve seen the transformation with my own eyes — from locked server rooms and on-prem firewalls to…

Jul 7 •

Juan Pablo Castro

Introducing the CROC Levels: Operationalizing Cyber Risk Management

When I created the concept of Cyber Risk Operations Center (CROC), the intention was simple but ambitious: to operationalize the Cyber Risk Management…

Jul 3 •

Juan Pablo Castro

How Cyber Risk Management Creates Value — And Validates the Cybersecurity Compass

Cybersecurity has too often been seen as a cost center, a technical necessity, or a compliance obligation.

Jul 2 •

Juan Pablo Castro

June 2025

What Is Governance in Cybersecurity?

Cybersecurity has never been just a technical problem — it’s a business risk problem. Yet for too long, organizations have approached cybersecurity as a…

Jun 25 •

Juan Pablo Castro

Cyber Risk Is a Moving Target: Why Traditional Risk Teams Must Rethink Their Approach

In today’s enterprise landscape, risk teams are being tasked with evaluating everything — from financial exposure to regulatory risk, climate impact…

Jun 23 •

Juan Pablo Castro

The Asymmetry That Defines Cybersecurity: Lessons from a Linux Vulnerability and the KEV List

When I saw CISA add a Linux kernel vulnerability from 2023 to the Known Exploited Vulnerabilities (KEV) catalog in mid-2025, one thought came to mind…

Jun 19 •

Juan Pablo Castro

ODMs and PLAs: The Future of Metrics in Cybersecurity

After following Paul Proctor’s work at Gartner for many years — especially his push for meaningful cybersecurity metrics — I’ve seen his thinking evolve…

Jun 16 •

Juan Pablo Castro

Cybersecurity: A Strategic Choice and Balance of Trade-Offs for Business Success

At the recent Gartner Security & Risk Summit, a powerful and transformative message emerged, championed by Paul Proctor: cybersecurity is undergoing a…

Jun 11 •

Juan Pablo Castro

How CROC Leverages Vision One CREM to Transform Cyber Risk Strategy into Operational Reality

We created the Cybersecurity Compass in response to the growing challenges faced by cybersecurity professionals and stakeholders alike.

Jun 10 •

Juan Pablo Castro

Context is Everything in Cybersecurity Why Signals Without Meaning Are Just Noise

Why Signals Without Meaning Are Just Noise

Jun 5 •

Juan Pablo Castro

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts