RISK & CYBERSECURITY

I haven’t done a book review for a while and there’s no better way to get back to this than a look at Stewart Brand’s Maintenance of Everything . Stewart developed a lot of this book in an open editing process and so the final delivery of what is Part 1 of a forthcoming series was all the more anticipated.  I’ve long been obsessed with the need for maintenance in the context of technology risk management, security and reliability. A big part of technical debt build up and the

We all need to advance our businesses and that is in many respects about selling. We also need to recognize that security and reliability are increasingly the path to sustainable long term customer success - which is your success. This is where the Field CISOs come in.  There are many more people that are becoming, so called, Field CISOs and many more organizations that are creating Field CISO teams under a variety of structures and names. Let’s look at what Field CISOs are,

I first wrote the original of this post over 4 years ago. Having seen a new spurt of discussion about organization politics in various on-line and in-person forums I thought it was time for an update.  At every stage in your career and in every part of your role you are going to have to deal with organizational politics. People often construe such politics as inherently negative. Yes, there are some organizations that have toxic cultures where organizational politics looks mo

As we talked about in the last post , a world going through a massive AI-driven transition means speed becomes vital. This is the speed of adapting to change and the speed of dealing with a world of threats, who are themselves moving ever faster.  It’s easy to say go faster but this has to be more than just wishful thinking or a line in a strategy document. You actually have to go do some things. You also have to push back against some of the defeatism that permeates a lot of