Breaches hurt, incident management is a strategic security priority, and legal notification requirements are ramping up. But how does that translate into action, and are firms learning from mistakes?
When CNN published their “Superhero Hacker” series, it kicked off on Twitter. While the circumstantial truths and skills of those featured are indisputable, the bigger question of enduring stereotypes came to the fore. […]
Far too many do far too little to assess and govern 3rd-party security… it’s time for that to change.
A popular feature here fell by the wayside for a while. To regain momentum, here are collected tweet-size analogies (a.k.a. Weekly Wee Ones) with a new one created just today. As ever, if […]
An old-fashioned tale of reporting lines impacting effective communication, missing due diligence, disgruntled insiders, social engineering, technical risk blinkers, political incident response and risk owners not being armed with the information they need.
This isn’t about getting your staff drunk on tonic-infused Hendrick’s, Bombay Sapphire, or Beefeater (depending on your office-hours drinking policy); this is about putting a face to security, then building knowledge and […]
Wild Speculation & IT Transformation – A four-part story of budget cuts, blamestorming, breaches and massive bumps in the road to mature security.
Cybersecurity spending is like roulette – too much left to chance. Is it time to re-inject the intelligence and level the risk playing field, by changing the game?