SMB Cyber Advisor
LightNews LightNews
banner
mcborroughvcxo.bsky.social
SMB Cyber Advisor
@mcborroughvcxo.bsky.social
11 followers 1 following 510 posts
Field CISO, vCXO, Professor, Entrepreneur, and SMB Cyber Risk Advisor sharing insights about cybersecurity and things.....
Posts Replies Media Videos
mcborroughvcxo.bsky.social
Too many SMBs think cyber risk is “a big company problem.” It is not. The cybersecurity poverty line is real—and it’s endangering your operations, customer trust, and survival.
💡 Learn how to close the gap with pragmatic, cost-effective strategies:
zurl.co/Eo1EE
The Cybersecurity Poverty Line: Why SMBs Remain Vulnerable – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
January 13, 2026 at 9:16 PM
mcborroughvcxo.bsky.social
AI is everywhere but governance is nowhere, security leaders must step up.

This SMB Cyber Insights article addresses why AI needs cybersecurity leadership now:

🔗 zurl.co/M7WLl

#CISO #AI #Cybersecurity #AIGovernance #RiskManagement
CISOs: The New Champions of AI
Artificial Intelligence is no longer a niche capability. It is the default.
zurl.co
January 13, 2026 at 9:15 PM
mcborroughvcxo.bsky.social
In this SMB CISO Insights article, I explore Cybersecurity Risk Appetite and Tolerance, who should define these boundaries, who actually does, and what happens when no one does.

zurl.co/JKwit

#SMBCISOInsights #cybersecurity #riskmanagement
Risk Tolerance and Appetite: Who Really Decides?
Comments on my last article, “Rethinking ‘Security First’,” had me thinking about risk tolerance and risk appetite over the past week. My friend, Taiye Tambo, described the difference perfectly: “Risk appetite is like having an appetite for spicy food.
zurl.co
January 9, 2026 at 2:26 PM
mcborroughvcxo.bsky.social
Employees can be risky. But so can bad security design.

This article digs into the real insider threat: employee fatigue, created by well-meaning security teams.

#CISO #SecurityLeadership #CyberAwareness #HumanFactors #RiskManagement
zurl.co/pOxe2
The Insider Threat You’re Ignoring: Employee Cyber Fatigue
Let’s clear something up: your employees aren’t always ignoring cybersecurity because they don’t care. They’re probably overwhelmed.
zurl.co
January 1, 2026 at 2:56 PM
mcborroughvcxo.bsky.social
Security leaders have a unique opportunity to champion AI adoption while ensuring it is done securely. Read my latest article on six strategies to help champion AI within your organization:

zurl.co/sz9J6

#CISO #CyberSecurity #AI #AIGovernance #RiskManagement
From Risk Managers to AI Champions: How CISOs Can Lead the Next Wave
Last week, I published CISOs: The New Champions of AI, and the response from my network has led to some of the best conversations with fellow security and IT leaders that I have had in a long time. We did not always agree on who should “own” AI governance.
zurl.co
January 1, 2026 at 2:55 PM
mcborroughvcxo.bsky.social
In this latest SMB CISO Insights newsletter article on LinkedIn, I wrote about why the pressure on CISOs is rising and what needs to change if we want this role to be sustainable.

#CISO #Cybersecurity #Burnout #Leadership #FractionalCISO #InfoSec zurl.co/OMUXi
CISO Burnout Is Real: Let’s Talk About It
Lately, I’ve seen an increasing number of CISOs speaking publicly about burnout, and it’s a conversation that is long overdue. From posts on LinkedIn to candid comments at industry events, security leaders are opening up about the mental and emotional strain of the role.
zurl.co
December 31, 2025 at 12:04 AM
mcborroughvcxo.bsky.social
Considering ISO 727001 or SOC 2 for your business? As a fractional CISO, I often guide clients through this critical decision point. Here are the key features of both. zurl.co/bxG82

#mcborroughvcxo #CISO #FractionalCISO #Smallbusiness #Cybersecurity
ISO 27001 vs. SOC 2: Which Is Right for Your Small Business? – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 28, 2025 at 7:11 PM
mcborroughvcxo.bsky.social
Get expert insights, musings and occasional rantings a 20-year cyber pro, entrepreneur, & professor.
I cover real-world challenges, practical advice, and leadership lessons.

📰 Subscribe now: zurl.co/TY6Pn
#Cybersecurity #InfoSec #Leadership #SMBs #CISO
December 25, 2025 at 5:15 PM
mcborroughvcxo.bsky.social
In this edition of the SMB CISO Insights, I break down the “Security vs. Compliance” debate and explain why it’s a false choice for today’s organizations.

👉Join the discussion!

#cybersecurity #GRC #compliance #riskmanagement
zurl.co/P3X4V
The False Choice of Security vs. Compliance: Why It’s Time to End This Debate
If you’ve been in cybersecurity for any length of time, you’ve no doubt heard someone declare, “Being compliant doesn’t mean you’re secure!” I hear it all the time from articles, social media, conference panels, and even students in my classes. I think it’s time we retire the security versus complia
zurl.co
December 23, 2025 at 11:35 PM
mcborroughvcxo.bsky.social
Check out Part 3 of our Cybersecurity Essentials for Small Business: A Fractional CISO’s Guide series. We discuss Compliance and Legal Risks – What Every Small Business Owner Needs to Know. zurl.co/YUxbi

#mcborroughvcxo #FractionalCISO #Smallbusiness #Cybersecurity
Cybersecurity Essentials for Small Business: A Fractional CISO’s Guide – Part 3: Compliance and Legal Risks – What Every Small Business Owner Needs to Know – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 22, 2025 at 11:30 PM
mcborroughvcxo.bsky.social
Check out our final article in our 5-part Cybersecurity Essentials for SMBs: A Fractional CISO's Guide. We discuss cyber trends and predictions for 2025. zurl.co/IFv1F

#mcborroughvcxo #CISO #FractionalCISO #Smallbusiness #Cybersecurity
Cybersecurity Essentials for Small Business: A Fractional CISO’s Guide – Part 5: The Future of Cybersecurity for Small Businesses – Trends and Predictions – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 19, 2025 at 1:27 PM
mcborroughvcxo.bsky.social
Get expert insights, musings and occasional rantings a 20-year cyber pro, entrepreneur, & professor.
I cover real-world challenges, practical advice, and leadership lessons.

📰 Subscribe now: zurl.co/TY6Pn
#Cybersecurity #InfoSec #Leadership #SMBs #CISO
December 18, 2025 at 5:15 PM
mcborroughvcxo.bsky.social
In edition of the SMB CISO Insights newsletter, I share how to communicate risk in business terms, highlight impacts that are not purely financial and align executives around resilience and strategic outcomes.

#SMBCISOInsights #Cybersecurity #CISO #RiskManagement #Resilience


zurl.co/QnazS
Beyond Money, Downtime, and Data Loss: Expanding the Cyber Risk Conversation
A few weeks ago, I sat in a meeting with a vCISO client listening to a vendor present a risk assessment. The slides were packed with patch metrics, vulnerability scores, and threat charts.
zurl.co
December 17, 2025 at 3:37 PM
mcborroughvcxo.bsky.social
Fractional CISO vs. Virtual CISO: What’s the Difference?
zurl.co/uFKJw

#mcborroughvcxo #CISO #FractionalCISO #Smallbusiness #Cybersecurity
Fractional CISO vs. Virtual CISO: What’s the Difference? – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 17, 2025 at 3:31 PM
mcborroughvcxo.bsky.social
What Health Tech Startups Must Know About HIPAA and HITECH -
Guidance for Small Businesses
zurl.co/biEch

#mcborroughvcxo #CISO #FractionalCISO #Smallbusiness #Cybersecurity
What Health Tech Startups Must Know About HIPAA and HITECH – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 16, 2025 at 4:52 PM
mcborroughvcxo.bsky.social
Check out Part 2 of our series: Cybersecurity Essentials for Small Business: A Fractional CISO’s Guide. Learn best practices for Building a Cybersecurity Program on a Small Business Budget zurl.co/xjqXY
#mcborroughvcxo #FractionalCISO #Smallbusiness #Cybersecurity
Cybersecurity Essentials for Small Business: A Fractional CISO’s Guide – Part 2: Building a Cybersecurity Program on a Small Business Budget – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 16, 2025 at 4:38 PM
mcborroughvcxo.bsky.social
7 Cyber Threats Every Government Contractor Should Know About in 2025
zurl.co/ViqoI

#mcborroughvcxo #CISO #FractionalCISO #Smallbusiness #Cybersecurity
7 Cyber Threats Every Government Contractor Should Know About in 2025 – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 16, 2025 at 3:29 PM
mcborroughvcxo.bsky.social
Too many companies buy cyber insurance and neglect the controls that make it effective.

This article explains how this oversight leads to claim denials, reputational harm, and lost client trust and how to avoid it.

zurl.co/WafFN
#CyberResilience #CyberInsurance
Cyber Insurance: Safety Net or Security Crutch?
Cyber insurance can be a powerful tool in your risk management toolkit, but it’s not a replacement for building and maintaining sound cybersecurity practices. I’ve seen organizations treat insurance as a shortcut rather than a complement to security maturity.
zurl.co
December 15, 2025 at 7:56 PM
mcborroughvcxo.bsky.social
Cybersecurity Regulations Update 2025: Essential Guidance for Small Business Owners
zurl.co/rI7Ko
#mcborroughvcxo #CISO #FractionalCISO #Smallbusiness #Cybersecurity
Cybersecurity Regulations Update 2025: Essential Guidance for Small Business Owners – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 15, 2025 at 3:28 PM
mcborroughvcxo.bsky.social
The Benefits of a Fractional CISO
zurl.co/tKlHt

#mcborroughvcxo #CISO #FractionalCISO #Smallbusiness #Cybersecurity
The Benefits of a Fractional CISO – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 14, 2025 at 3:32 PM
mcborroughvcxo.bsky.social
Too many SMBs think cyber risk is “a big company problem.” It is not. The cybersecurity poverty line is real—and it’s endangering your operations, customer trust, and survival.
💡 Learn how to close the gap with pragmatic, cost-effective strategies:
zurl.co/Eo1EE
The Cybersecurity Poverty Line: Why SMBs Remain Vulnerable – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 13, 2025 at 9:16 PM
mcborroughvcxo.bsky.social
AI is everywhere but governance is nowhere, security leaders must step up.

This SMB Cyber Insights article addresses why AI needs cybersecurity leadership now:

🔗 zurl.co/M7WLl

#CISO #AI #Cybersecurity #AIGovernance #RiskManagement
CISOs: The New Champions of AI
Artificial Intelligence is no longer a niche capability. It is the default.
zurl.co
December 13, 2025 at 9:15 PM
mcborroughvcxo.bsky.social
Get expert insights, musings and occasional rantings a 20-year cyber pro, entrepreneur, & professor.
I cover real-world challenges, practical advice, and leadership lessons.

📰 Subscribe now: zurl.co/TY6Pn
#Cybersecurity #InfoSec #Leadership #SMBs #CISO
December 11, 2025 at 5:15 PM
mcborroughvcxo.bsky.social
Building a Security Program for a Small Business by a Fractional CISO
zurl.co/MRzsn

#mcborroughvcxo #CISO #FractionalCISO #Smallbusiness #Cybersecurity
Building a Security Program for a Small Business by a Fractional CISO – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 11, 2025 at 3:32 PM
mcborroughvcxo.bsky.social
Learn the differences between SOC 2 Type I and SOC 2 Type II attestation reports. Read a CISO's guide to help you decide which is right for your small business?
zurl.co/Kwx7g

#FractionalCISO #Smallbusiness #Cybersecurity
SOC 2 Type I vs. Type II Attestation: Guidance for Small Businesses – William J McBorrough, CISSP, CRISC, CISA, CMMC CCP
zurl.co
December 9, 2025 at 5:59 PM