top of page
Search
Oct 22, 202210 min read
Grand Challenges or Grind Challenges
How much of your work that you would like to describe as a “grand” challenge is really more of a “grind”? As an industry we like to talk...
1,915
Oct 8, 20227 min read
Field Guide to the Various Communities of Security
Which part of the security community are you in? Often, when one part of the security community talks about the overall community they...
3,129
Sep 24, 20226 min read
Essential Attributes of Security Leadership
Since I first wrote this back in 2021 (titled "CISO: Archeologist, Historian or Explorer?") it seems ever more true that complex and...
3,349
Sep 10, 202213 min read
Crucial Questions from Governments and Regulators
In this, fourth and final post in the series of Crucial Questions I’m going to focus on those from governments and regulators. This...
1,842
Aug 27, 202223 min read
Crucial Questions from CISOs and Security Teams
In this, third in a series of Crucial Questions posts I’m going to focus on the questions from CISOs and security teams. This builds on...
6,643
Aug 13, 202213 min read
Crucial Questions from CIOs and CTOs
In the last post I covered the crucial questions from Boards and executives. Here I will cover the questions I’m asked by CIOs, CTOs and...
5,063
Jul 31, 202211 min read
Crucial Questions from CEOs and Boards
Over the past few years I have done a lot of speaking at conferences, events and small group settings for Board directors and corporate...
6,158
Jul 16, 20223 min read
3 Year Review
I’ve been doing this blog for around 3 years, largely succeeding in posting every 2 weeks. I have learnt a lot in this process and I...
3,269
Jul 2, 20225 min read
The Reporting Line of Security Teams / CISOs - Updated
This can be an emotive topic for many people. It is one, I’ve found, colored more by dogma than nuance (as it seems with many things...
5,948
Jun 18, 20226 min read
Are Security Analogies Counterproductive?
Do analogies actually help us or do they set back our ability to drive change? On the face of it they are a useful explanatory tool, as...
2,323
Jun 4, 20228 min read
Career Advice and Professional Development
I often get asked for advice about careers and professional development. Unfortunately I don't have the time to do this in person, except...
7,939
May 21, 20227 min read
Defense in Depth
Defense in depth is a well accepted security principle. Intuitively, it stipulates there should be multiple lines of controls so as to...
5,691
bottom of page