Think Twice Before Switching Off Controls : Chesterton's Fence
Chesterton's Fence is a cautionary tale to make sure that before you change things you actually understand their purpose. This is...
top of page
Search
- May 3, 2020
- 5 min
Cyber Risk Quantification
Risk quantification, in any field, is not an end in itself. It exists to compel some action. That action might be to drive decisions or...
5,250
- Apr 26, 2020
- 5 min
Are You Managing Your Risk Register Effectively?
Not all risks are possible to fully mitigate in every context, so you need to record and manage those residual risks. These are often put...
3,444
- Apr 19, 2020
- 4 min
Intelligence Failures - “The Distortion of Retrospect”
The codebreaking and overall intelligence success of Bletchley Park in World War II is legendary. Ultra, along with broader Allied...
644
- Apr 5, 2020
- 3 min
Prioritizing Security Improvements - A Deceptively Simple Way
In most organizations you are constantly upgrading your security controls. This is for many reasons, including: New threats induce higher...
2,288
- Mar 22, 2020
- 2 min
Selling into a Crisis (Rights and Wrongs)
It can be irritating to receive e-mails from vendors during a time of crisis, like now, with the spin that their products can help. It is...
8,433
- Mar 8, 2020
- 15 min
Management 101 (+ remote working)
I have run organizations, large and small, local and remote, for many years. I have been the beneficiary (and victim) of many management...
3,766
- Mar 1, 2020
- 3 min
Cybersecurity Macro Themes for the 2020's
In this coming decade there will be 5 major themes that differentiate great security programs, products, features and processes. These...
2,056
- Feb 9, 2020
- 3 min
Risk : Mega Trends
I've been thinking more about mega trends applied to risk, specifically operational risk (people, process, technology & external events)....
1,235
- Feb 2, 2020
- 5 min
Dealing with the Deluge of Vendors
Everyone is deluged with approaches from product and service vendors, small and large. Even vendors struggle to keep track of who their...
1,526
- Jan 23, 2020
- 2 min
The Leading Indicators of a Great Info/Cybersecurity Program
It can be hard to effectively assess, with a suitable degree of rigor, the security of your suppliers, counter-parties or companies you...
1,917
- Jan 19, 2020
- 4 min
Operational Resilience
The Bank of England has recently released a sequence of consultation papers, after an earlier discussion paper, laying out a framework...
2,406
bottom of page