• Phil Venables

2020 Short Review

At the risk of being too understated, 2020 was an interesting year. In this blog I’ve covered many topics across the range of strategy and tactics for running enterprise security and risk programs. Below is a word-cloud of those posts from 2020. I think it speaks for itself as to what we’ve focused on all year.


Like all of us, 2020 was a significant time of learning for me.


What I learnt professionally:

  • We are only at the very early stages of the digital transformation of business and the secure transition to the cloud

  • People in all organizations are amazingly adaptable

  • Covid didn’t really drive any new trends even though it felt like it did, it just magnified and accelerated the changes that were already happening

What I learnt personally:

  • When you’re in Hong Kong in January and you realize this whole Covid thing is going to be a big deal before everyone else realizes that, then sell some stock. Although holding through the dip worked out ok......so far

  • Get a stand up desk earlier

  • Kids have had the toughest time of all this year, even if as parents we think we’ve had it pretty tough. I’m amazed at how they’ve dealt with it.


Here’s to 2021.

916 views0 comments

Recent Posts

See All

I typically don’t do book reviews, but this book was impressive and it resonated with many information security and risk management topics. To take a step back, I’ve developed a distaste for business

How much of your work that you would like to describe as a “grand” challenge is really more of a “grind”? As an industry we like to talk of grand challenges, moonshots and other grandiose terms. At on

In this, fourth and final post in the series of Crucial Questions I’m going to focus on those from governments and regulators. This builds on the topics covered before: Crucial Questions from CISOs an