Fox Red Risk
The Cyber Security and Data Protection Consultancy
Want to Learn More about Cyber Security & GDPR
-
The Black Swan Fallacy: Why a failure of imagination is irrelevant to Resilience Planning
Every time there is a major incident, whether it be a global pandemic or a natural disaster. Whether it be an IT Outage or a bout of unseasonably hot or cold weather, the rallying cry of those trying to defend the paucity of their response to the unfolding events is now cliche: "We never thoughtRead More -
Denial of Suez: What can we learn about risk assessing SPOF?
Single points of failure (SPOF) creep into many business processes. Often unintentionally. Some exist from the outset but were simply not assessed, or were assessed and deemed low risk. That legacy server running a critical piece of code wasn't legacy at the beginning. That retiring SME, the one who wrote the code, had just started.Read More -
Virtual CISO – Running a Business. Thinking Differently about Security!
It's Monday morning and I have already been up for a while. I have had a few cups of tea. I have answered a few emails. I have written and submitted a proposal for a new piece of work. It's a great client too. When I submitted the proposal I had a sense of reliefRead More -
EU/UK GDPR Lawful Bases – Getting accountability right
Working out the lawful bases for your processing activities can be a challenge. Whilst the ICO has guidance and a useful tool to help organisations determine the lawful bases of processing, the final decision will always rest on the Controller organisation to defend. A Controller thus needs to document their lawful bases properly because ifRead More -
Is your Managed SOC starting to smell a bit fruity? Here’s what to do if it is
Remember a couple of years ago (when life was so very different). Remember reaching that point in your security maturity journey where you needed a way of detecting security events without the help of the BBC News letting you know? Remember looking at all those complex SIEM solutions? Remember deciding the time and effort involvedRead More -
EU has drafted its adequacy decision on the UK…and it seems we’re adequate.
As predicted in an article I wrote earlier this year, the EU are on the cusp of finding the UK's data protection regime adequate. The draft decision has been published and so you don't have to read the whole 87 page document I took one for the team and have summarised the bits I thought might be of interest,Read More
