82% of boards are concerned about cybersecurity… …and the UK Parliament think your CEO’s salary should be linked to your firm’s cybersecurity… …but who is really accountable? This June 14th CSO Online article says boards […]
Who is viewed as formal owner of your cybersecurity risks? A poll for anyone in any organisation. This isn’t asking who should be risk owner, it’s asking who the majority of staff think owns these risks. […]
Did you think you were a driving god when you first passed your test? Are you 100% compliant with the latest security standards? Could there be parallel lessons to apply to mitigating InfoSec risks?
A double dose of what we hope is the security obvious. What do you think when someone calls a system 100% hack proof? And are all pen tests created equal?
The IoT – The terrifying creature from cyberspace. How much of the problem is FUD and how much is poor and rapid development of solutions…a balance to be struck in the interests of clarity
Information security policies this week. Is yours all it’s cracked up to be and what security value is it adding for anyone except lawyers, regulators and auditors?
Do you know where data is, what data is with whom and what they are doing with it? This is a post originally published on LinkedIn and prompted by a Business Value […]
Ramblings on risk starting with John Pescatore and ending with comments from FAIR risk framework creator Jack Jones. This is a direct transcription of a discussion about risk management on LinkedIn started […]