RISK & CYBERSECURITY

I’ve given variants of this talk at a few events in 2024 and received a lot of requests for the slides and a blog post. So here we go. ...

I managed to keep up the pace of 1 post every 2 weeks throughout 2024. Just when I think I might be running out of ideas, and the backlog...

One of the most profound, yet simple, acts of leadership I personally experienced was in the days after 9/11/2001. After the terrorist...

Every few months some association or other learned group of professionals makes a fresh call to action for cybersecurity regulatory...

I’ve previously posted about some of the best security movies made  but I have to confess I’m not a big fan of the genre. They tend not...

If you work for a large organization, especially public or otherwise regulated companies, then you may well have faced the prospect of...

It’s puzzling that there aren’t more articles comparing and contrasting wildlife hunting techniques with cyber threat hunting, or maybe...

This is the second of two posts about interviews (the first post is here ). In this one I’ll focus on interviewing candidates and the...

This is the first of two posts about interviews. In this one I’ll focus on interviewing for a role. In the next one we’ll look at how to...

I wrote the original version of this post over 4 years ago. In revisiting this it is interesting to note that not much has actually...

If we are to keep advancing the fields of information / cybersecurity, technology risk management and resilience then we need to apply...

Security training is often considered a bit of a waste of time. Maybe this is unfair, but unsurprising in the face of the worst forms of...