RISK & CYBERSECURITY

Thoughts from the Field
  • HOME

  • ABOUT

  • RECENT EVENTS & PUBLICATIONS

  • More

    Use tab to navigate through the menu items.
    • Instagram - White Circle
    • All Posts
    • Leadership
    • Risk
    • Cybersecurity
    • Technology
    Search
    • Dec 4, 2021
    • 8 min

    How is the Security Profession Doing?

    I spoke on a CIISEC panel a few months ago about the state of the information security profession. This post is based on remarks I made...
    2,217
    • Nov 20, 2021
    • 4 min

    Security Program Tactics - Updated

    When starting or reinvigorating a security program, focus on a small number of meta-objectives that can have sustained outsize effects in...
    2,095
    • Nov 6, 2021
    • 6 min

    Slipstreaming : Business Tactics for Security & Control Implementation

    One of the most frequent cybersecurity binary thinking curses is that just because senior leadership in organizations won’t do every...
    1,299
    • Oct 22, 2021
    • 4 min

    Conferences and the Wider Security Eco System Culture - Toxic or Not?

    This could be part of another whole series on the curse of binary thinking so please read this in that tone. In other words, I’m trying...
    865
    • Oct 9, 2021
    • 3 min

    The Leading Indicators of a Great Info/Cybersecurity Program - Updated

    As we see more incidents occurring, whether ransomware, data breaches or fraud, many thoughts turn to how to know whether those we do...
    3,770
    • Sep 25, 2021
    • 4 min

    Cyber Deterrence : A Simple Perspective

    Cyber deterrence is a topic that comes in and out of vogue. It is widely studied but often misunderstood. It also suffers tremendously...
    1,321
    • Sep 12, 2021
    • 8 min

    If Accounting were like Cybersecurity

    It has always struck me how well the field of finance and more specifically accounting has done to standardize on its terms. This...
    2,298
    • Aug 27, 2021
    • 3 min

    Risk Management is not only about Reducing Risk - Updated

    This is an update from a post of a couple of years ago prompted by some recent observations from a few different organizations. It seems...
    2,488
    • Aug 14, 2021
    • 9 min

    Risk = Hazard + Outrage

    There are four major insights that, above all others, have influenced my approach to security and risk management over the past decades....
    3,386
    • Jul 30, 2021
    • 7 min

    CISO: Archeologist, Historian or Explorer?

    We talk about attackers being the enemy. Sometimes we talk about insider threats. But one of our biggest enemies is pernicious...
    1,952
    • Jul 16, 2021
    • 8 min

    Cybersecurity - The Board's Perspective

    How Boards, especially public company Boards, oversee cybersecurity is a crucial but difficult topic. This previous post discussed how...
    6,766
    • Jul 3, 2021
    • 6 min

    Cybersecurity and the Curse of Binary Thinking

    Working in information/cybersecurity and technology risk is a fascinating and challenging career, as I’ve covered here. There is, mostly,...
    21,613
    1
    2
    345
    Subscribe for updates.

    Thanks for submitting!

    © 2020 Philip Venables.