The first post called out fairly damning findings about the state of vendor security governance at most firms, and looked at the criticality of: Early engagement Doing triage Clarity about vendor selection criteria […]
Who is viewed as formal owner of your cybersecurity risks? A poll for anyone in any organisation. This isn’t asking who should be risk owner, it’s asking who the majority of staff think owns these risks. […]
A little irreverent levity for beleaguered security pros everywhere: The Cybersecurity Prayer Our metadata, that art in clouds, cyber attack fodder be thy name… Thy nation state be backing, thy organised crime […]
Does your #SupplyChain #Cybersecurity #RiskManagement reflect your security dependence on 3rd parties?
Out with the old and in with the new. Musing on a personal and #InfoSec transformation
Is this a valuable outing of a principle-free profit-obsessed security trade, careless stereotype reinforcement, something in between, or a harmless bit of #InfoSec name dropping?