Who is viewed as formal owner of your cybersecurity risks? A poll for anyone in any organisation. This isn’t asking who should be risk owner, it’s asking who the majority of staff think owns these risks. […]
Defender mentality or Attacker mentality? Can a natural leaning towards one position or the other have an unhelpful blinker effect and are they mutually exclusive?
Just like Schrödinger and his quantum feline, most companies are just making assumptions about the state of their cybersecurity risks.
The why, what, how and what next of security policies. Now with a riposte from Phil Huggins who provoked this post and the linked articles by questioning the value of traditional written document sets
How do you avoid the situation that Sony currently finds its self in? How do you accurately assess potential loss and the likelihood of that loss occurring to make good security decisions?