The Leading Indicators of a Great Info/Cybersecurity Program
It can be hard to effectively assess, with a suitable degree of rigor, the security of your suppliers, counter-parties or companies you...
top of page
Search
- Jan 19, 2020
- 4 min
Operational Resilience
The Bank of England has recently released a sequence of consultation papers, after an earlier discussion paper, laying out a framework...
2,319
- Jan 1, 2020
- 3 min
Predictions and Calls to Action
It’s that time of year for all the predictions of what to expect for the next year, and now - the next decade. I’m generally not a fan of...
126
- Dec 15, 2019
- 1 min
Non-Technical Books. Recommended List
For some reason, first at a TAG_Cyber event and then coincidentally at 2 other events, the question of what books security people should...
446
- Dec 7, 2019
- 3 min
The Art of Influencing
A critical measure of success for most security roles is the ability to influence. I’ve often found people think influence skills are...
433
- Dec 1, 2019
- 3 min
Insider Threat Risk - Blast Radius Perspective
The management of insider threats is a complex and often under-thought process - people who work on it appreciate the subtlety and...
231
- Nov 24, 2019
- 2 min
Alternative Risk Management Strategies.
Much focus of risk mitigation is about implementing controls: preventative, detective and reactive. This is necessary in most cases, and...
504
- Nov 17, 2019
- 2 min
Simple Rules of (InfoSec) Career Success
Over the years I made note of what behaviors I’ve seen from successful people. By success, I mean getting results, increase span of...
239
- Nov 10, 2019
- 1 min
Shrines of Failure
I was at an event recently where one participant talked passionately about a disaster they had that they have since preserved artifacts...
641
- Oct 26, 2019
- 1 min
Career Longevity & "The Don't Fire Me Chart"
To fix anything sustainably requires long term action. This is especially true in technology risk and cybersecurity. The trouble is this...
3,428
- Oct 20, 2019
- 2 min
Risk Management is not only about Reducing Risk
It seems most risk and security programs, and instruction on how to run risk and security programs, focus exclusively on assessing risk,...
494
- Oct 5, 2019
- 2 min
The Stress and Joy of Security Jobs
A few months ago there was this whole thing about the stress of security roles, CISOs self-medicating, and a whole range of burn-out...
1,498
bottom of page