Who is viewed as formal owner of your cybersecurity risks? A poll for anyone in any organisation. This isn’t asking who should be risk owner, it’s asking who the majority of staff think owns these risks. […]
Does your #SupplyChain #Cybersecurity #RiskManagement reflect your security dependence on 3rd parties?
Out with the old and in with the new. Musing on a personal and #InfoSec transformation
Working out why handling of the upgrade made me so grumpy and how we hand over so much control to big vendors.
Norse Corp is in trouble – Just a company-specific blow, or raising bigger questions about threat intelligence value? Today Brian Krebs quoted sources who say Norse Corp is in serious trouble, to the point where […]
Blockchains are tackling the ‘I’ in the holy InfoSec CIA trinity more simply and robustly than anything that’s gone before, but can we grasp this well enough to avoid expensive purchasing and security mistakes?
Do we ask and can we answer the question “Why?” when talking about security? Not just for our employers, but for our peers, and our kids? If we can’t or we don’t, […]
Breaches hurt, incident management is a strategic security priority, and legal notification requirements are ramping up. But how does that translate into action, and are firms learning from mistakes?