First of what may turn into a series of GRC day job related posts. Here I’m highlighting challenges for anyone involved with system security audits or assessments. This isn’t about merits of various […]
It’s a tough trick to put gut reactions in a box, but that’s what I’m trying to do (a tidge unsuccessfully). I’m not now claiming some intellectual high ground, just pausing for […]
At about 7pm I noticed a bit of a kerfuffle building on Twitter. Then I saw this tweet: Edward Snowden himself taking the Twitter plunge and like iron filings to an industrial […]
An old fashioned tale of reporting lines impacting effective communication, missing due diligence, disgruntled insiders, social engineering, technical risk blinkers, political incident response and risk owners not being armed with the information they need.
A journey from first internet encounters to Minecraft mods, while mindful of the risks and benefits of online adventuring
This isn’t about getting your staff drunk on tonic infused Hendricks, Bombay Sapphire, or Beefeater (depending on your office-hours drinking policy), this is about putting a face to security, then building knowledge and […]