by Infospectives | May 6, 2016 | Corporate Security
The first post called out fairly damning findings about the state of vendor security governance at most firms, and looked at the criticality of: Early engagement; Doing triage; Clarity about vendor selection criteria and contractual requirements; Building in means to...
by Infospectives | Apr 7, 2016 | Corporate Security, Featured
We are all increasingly dependent on third parties for our security, and most folk are doing a shockingly bad job of managing related risks. Target and their air conditioning supplier, OPM and just about all their key suppliers, Mossack Fonseca and 2.6 BILLION odd...
by Sarah Clarke | Sep 25, 2015 | Corporate Security, Featured, InfoSec
It is a beautiful day on the Downton estate. Dappled sun beneath the majestic oak decorates the couple who have their heads together in urgent conversation: “But Carson will never agree,” argues Head of Marketing, Lady Mary. “He will have little choice...
by Sarah Clarke | Sep 14, 2015 | Corporate Security, InfoSec
Something is wrong if you are hearing “JUMP!” then saying “HOW HIGH?!” in response to CVEs, SIEM/DLP alerts, threat intelligence reports and excited ‘cyber’ headlines. The ability to quickly and realistically respond to new...
by Sarah Clarke | Apr 17, 2015 | Corporate Security, InfoSec
When it comes to cyber, information, IT (or whatever you choose to prefix it with) security, where do you draw a compliant and cost-effective line? On one hand there’s regulation, legislation and ‘best practice’ (of myriad flavours), on the other...