Articles by David Lefever

Filter By Topic
Filter By Industry
David Lefever

David Lefever

Vice President | Cybersecurity

David has expertise in cyber strategy, enterprise risk management, and framework selection and adoption. David has worked in IT and cyber risk management for 20 years and is located in Carmel, IN. David loves fly fishing, live music, time with family, and a healthy work environment. Follow David on LinkedIn.

Why Distributed Energy Resources Are Creating a Cybersecurity Talent Crisis in the Grid

Learn how the deployment of distributed energy resources (DERs) is transforming cybersecurity requirements in the energy and utility sector.

What Smart Banks Know About FFIEC CAT Sunset Planning (That You Don’t)

The FFIEC CAT sunset on Aug. 31, 2025 is a fundamental shift from static compliance tools to continuous, adaptive regulatory frameworks.

Why Purple Team Exercises Are Your Best Defense Against Cyberattacks

Discover how purple team exercises enhance your organization’s cybersecurity defenses and the benefits of red and blue team strategies.

Are You Using the Right Type of Access Controls?

This comprehensive guide explores the five primary types of access control models and analyzes their strengths and weaknesses.

Why Risk-Based Conditional Access Is the Future of IAM

This blog post explores how risk-based conditional access policies can provide stronger, context-aware security while improving UX.

Maintain Cybersecurity Continuity During Organizational Shifts

Learn how organizational changes create unique cybersecurity vulnerabilities that threat actors can exploit.

What’s the Difference Between Audit and Assurance Services?

Learn the difference between the concepts of audit and assurance services and discover their distinct purposes and business value.

Common Cybersecurity Risks of Legacy ERP Systems (And How to Mitigate Them)

Learn about legacy system cybersecurity risks for you enterprise resource planning systems and what you can do to protect against those risks.

Overlooked Cybersecurity Risks of Mergers and Acquisitions

Explore the overlooked cybersecurity risks in mergers and acquisitions. We highlight the critical role of cybersecurity during due diligence.

Cybersecurity Risk Quantification: How to Estimate the True Cost of a Breach

In this blog, we explain why cybersecurity risk quantification’s importance in assessing breaches’ financial impact.

How to Prepare for a Cybersecurity Audit: 7 Steps to Improve Your Compliance Readiness

Discover how to prepare for a cybersecurity audit, and learn seven essential steps to enhance your compliance readiness.

The Top Questions to Ask When Selecting a GRC Tool

Learn about key considerations when selecting a GRC tool. We aim to help you choose the right tool to boost compliance.