82% of boards are concerned about cybersecurity… …and the UK Parliament think your CEO’s salary should be linked to your firm’s cybersecurity… …but who is really accountable? This June 14th CSO Online article says boards […]
Part of the Infospectives Diary Of An InfoSec Kid series. Originally written about the Kiddicare hack, but now 117 Million LinkedIn usernames and passwords have been found for sale on the darknet. The image links to […]
The first post called out fairly damning findings about the state of vendor security governance at most firms, and looked at the criticality of: Early engagement; Doing triage; Clarity about vendor selection criteria […]
Who is viewed as formal owner of your cybersecurity risks? A poll for anyone in any organisation. This isn’t asking who should be risk owner, it’s asking who the majority of staff think owns these risks. […]
Does your #SupplyChain #Cybersecurity #RiskManagement reflect your security dependence on 3rd parties?
Blockchains are tackling the ‘I’ in the holy InfoSec CIA trinity more simply and robustly than anything that’s gone before, but can we grasp this well enough to avoid expensive purchasing and security mistakes?
Maria Korolov, writing for CIO Online, summarised key findings from (ISC)2’s recent report on Women In Security. A report informed by their 2015 Global Information Security Workforce Study. The standout figure? […]
Wild Speculation & IT Transformation – A four-part story of budget cuts, blamestorming, breaches and massive bumps in the road to mature security.
It looks entirely possible you will have ‘adequate’ security dictated by your insurers, so it is your job to understand the risk-based yardstick they’re using to define that.
There is no such thing as Information Security risk. There are just business risks that have one or more security or IT related causes.
Today @voteleave took down their web content. So, in the interests of understanding a significant record of the Leave position as we work towards Article 50 invocation, I saved some of the […]
In mid-May we found out the Bank of Bangladesh lost a reported $81m when crooks managed to fraudulently redirect funds to shady recipients via the Swift international money transfer system. Then we […]
The EU’s General Data Protection Regulations are promising to shake up the way businesses perceive and treat their responsibility to look after your data. Not least because a breach of legal obligations […]
I wanted to blast an assumption about your kids’ ability to manage their own security. My kids have been told since they were tiny what it’s ok, and not ok, to do […]