RISK & CYBERSECURITY

A major success marker of great security leaders and their teams is one simple prioritization technique: the ability to know what needs...

There are many well known, so called, laws of technology. Moore’s law being particularly emblematic. Let’s look at some of them and see...

As we start out, or even when entering a new stage of our careers, we realize the need to be connected to a professional community. For...

Ever since I first became familiar with the 80/20 principle, and other circumstances marked by Pareto distributions, I began to see...

Many of us have been through several leadership transitions in our careers. It could be a new role in the same or different organization....

Thankfully I managed to keep up the pace of 1 post every 2 weeks throughout 2023. Just when I think I might be running out of ideas, and...

A critical measure of success for most security roles is the ability to influence. I’ve often found people think influence skills are...

No matter what you experience, what level of achievement, results or status you attain there is always something that might be perceived...

The skills for your role and your leadership style build up throughout your career. But I’ve found, personally and in talking to others,...

The skills for your role and your leadership style build up throughout your career. But I’ve found, personally and in talking to others,...

Unless you’re doing continuous or quarterly budgeting, which some organizations do, then you’ll no doubt be getting ready for the long...

As an industry we spend a lot of time talking about workforce development and skills shortages. However, we tend not to talk about how to...

Many of us have to regularly speak in public at a range of events large and small, public and private, staged and ad-hoc. As your career...

I have always struggled to balance work and life. Many years ago I realized I wasn’t so much struggling to achieve an effective balance,...

Maturing a security program in any type of organization is not just to increase specific control effectiveness but also to increase its...

In the last post we talked about the challenges and opportunities of using individual and organizational incentives to ensure effective...

Force 6 : People, organizations and AI respond to incentives and inherent biases but not always the ones we think are rational. //...

It’s that time of year when you’ve inevitably written notes to your organization and leadership about all your team’s achievements over...

I typically don’t do book reviews, but this book was impressive and it resonated with many information security and risk management...

How much of your work that you would like to describe as a “grand” challenge is really more of a “grind”? As an industry we like to talk...