• Phil Venables

2020 Short Review

At the risk of being too understated, 2020 was an interesting year. In this blog I’ve covered many topics across the range of strategy and tactics for running enterprise security and risk programs. Below is a word-cloud of those posts from 2020. I think it speaks for itself as to what we’ve focused on all year.


Like all of us, 2020 was a significant time of learning for me.


What I learnt professionally:

  • We are only at the very early stages of the digital transformation of business and the secure transition to the cloud

  • People in all organizations are amazingly adaptable

  • Covid didn’t really drive any new trends even though it felt like it did, it just magnified and accelerated the changes that were already happening

What I learnt personally:

  • When you’re in Hong Kong in January and you realize this whole Covid thing is going to be a big deal before everyone else realizes that, then sell some stock. Although holding through the dip worked out ok......so far

  • Get a stand up desk earlier

  • Kids have had the toughest time of all this year, even if as parents we think we’ve had it pretty tough. I’m amazed at how they’ve dealt with it.


Here’s to 2021.

893 views0 comments

Recent Posts

See All

If Accounting were like Cybersecurity

It has always struck me how well the field of finance and more specifically accounting has done to standardize on its terms. This standardization is such that there is a general appreciation that when

Risk Management is not only about Reducing Risk - Updated

This is an update from a post of a couple of years ago prompted by some recent observations from a few different organizations. It seems there are still a large number of risk and security programs wh

Risk = Hazard + Outrage

There are four major insights that, above all others, have influenced my approach to security and risk management over the past decades. Two were, I think, my own. Although, to be fair these were deve