RISK & CYBERSECURITY

Thoughts from the Field
  • HOME

  • ABOUT

  • RECENT EVENTS & PUBLICATIONS

  • More

    Use tab to navigate through the menu items.
    • Instagram - White Circle
    • All Posts
    • Leadership
    • Risk
    • Cybersecurity
    • Technology
    Search
    • May 21
    • 7 min

    Defense in Depth

    Defense in depth is a well accepted security principle. Intuitively, it stipulates there should be multiple lines of controls so as to...
    2,326
    • May 8
    • 9 min

    Regulatory Relationships

    For some reason there have been a few people already in or moving into highly regulated industries, like finance or healthcare, that have...
    1,115
    • Apr 21
    • 3 min

    The Stress and Joy of Security Jobs - Updated

    There’s a lot going on in the world from conflict, crime, economic and many other pressures. Many of these matters have security...
    2,767
    • Apr 9
    • 9 min

    10 Fundamental (but really hard) Security Metrics

    As an industry we have been trying to deal with the issue of security metrics for a long time. I’ve written about this here, and in the...
    9,512
    • Mar 26
    • 7 min

    Resilience is about Capabilities not Plans - Updated

    Over the past 2 years, since I wrote the first version of this post, we’ve had a lot of opportunity to test our collective resilience....
    2,987
    • Mar 12
    • 9 min

    Human Error

    Human error is not an explanation, rather it is something to be explained. In analyzing and learning from incidents, not just security...
    2,246
    • Feb 26
    • 4 min

    Controls - Updated

    I wrote the first version of this post nearly 3 years ago. It is interesting that since then much of it remains true. Oddly, it also...
    3,177
    • Feb 12
    • 18 min

    Organizational Politics

    At every stage in your career and in every part of your role you are going to have to deal with organizational politics. By this, I don’t...
    6,441
    • Jan 29
    • 16 min

    Secrets of Successful Security Programs - Part 2

    As introduced in the last post, a successful security program is made up of two distinct elements: A series of episodic big bets that...
    4,929
    • Jan 15
    • 11 min

    Secrets of Successful Security Programs - Part 1

    A successful security program (although I imagine this advice could apply to any discipline) is made up of two distinct elements: A...
    8,421
    • Jan 1
    • 7 min

    The Obvious CISO : Don’t Overlook the Simple

    There is a great little book I read recently, “Obvious Adams - The Story of a Successful Businessman", it’s available on Amazon, but it’s...
    1,458
    • Dec 18, 2021
    • 3 min

    Risk Megatrends - Updated

    Megatrends are long-term, large-scale forces that shape the world around us. They are the driving forces that have tactical consequences...
    2,342
    1
    2345
    Subscribe for updates.

    Thanks for submitting!

    © 2020 Philip Venables.