The first post called out fairly damning findings about the state of vendor security governance at most firms, and looked at the criticality of: Early engagement Doing triage Clarity about vendor selection […]
Who is viewed as formal owner of your cybersecurity risks? A poll for anyone in any organisation. This isn’t asking who should be risk owner, it’s asking who the majority of staff think owns these risks. […]
Does your #SupplyChain #Cybersecurity #RiskManagement reflect your security dependence on 3rd parties?
Out with the old and in with the new. Musing on a personal and #InfoSec transformation
Is this a valuable outing of a principle-free profit-obsessed security trade, careless stereotype reinforcement, something in between, or a harmless bit of #InfoSec name dropping?
This con is the first thing I’ve experienced that effectively challenges the discomfort ‘security suits’ can feel when mixing with hackers. I was told that would be the case, but you have to see […]
Blockchains are tackling the ‘I’ in the holy InfoSec CIA trinity more simply and robustly than anything that’s gone before, but can we grasp this well enough to avoid expensive purchasing and security mistakes?
Do we ask and can we answer the question “Why?” when talking about security? Not just for our employers, but for our peers, and our kids? If we can’t or we don’t, […]