Category: CISO Blog

Strategy – Can a CISO learn from the 2019 General Election?
13/12/2019 CISO Blog, Security Advisory Blog EditoratLarge

Security Strategy – What lessons can CISOs learn from the UK General Election 2019 when devising and delivering a security strategy? Here are three…

Security Awareness Training Dies. My 2020 Prediction
11/12/2019 CISO Blog, Security Advisory Blog EditoratLarge

My prediction is that 2020 will be the year security awareness training dies…and not before time…

Cybersecurity Strategy – Organise to Operate
07/12/2019 CISO Blog, Security Advisory Blog EditoratLarge

Cybersecurity strategy is being “organised to operate”, a principle that is fundamental to developing an effective cybersecurity programme. Here’s why…

Security Audit – Are you a ‘Quiddler’?
26/11/2019 CISO Blog, DPO Blog, Security Advisory Blog EditoratLarge

Are you a Quiddler? No, this is not some fanboi reference to Harry Potter (I’ll be honest I haven’t read one of the series, I’m a proper muggle!). Quiddling, however, is a very real problem in the world of Security Audit. If you want to know more, keep on reading. You could be one of

Business Continuity & 22301:2019 – Do I need to get new BC Software?
04/11/2019 CISO Blog, Security Advisory Blog, Uncategorized EditoratLarge

Here are some changes in the 2019 version of 22301 that could mean your current Business Continuity software solution may no longer be fit-for-purpose.

Data Breach: 10% of affected businesses closed down in 2019…or did they…?
23/10/2019 CISO Blog, DPO Blog, Security Advisory Blog EditoratLarge

I know there is a rush to get things out the door and I am very grateful for those who report on data breach stats but this article from Dark Reading piqued my interest: 10% of Small Businesses Breached Shut Down in 2019. Whenever I see a statistic like this I am always a little

Security KRI – Are the Management Team walking around naked?
15/10/2019 CISO Blog, Security Advisory Blog EditoratLarge

Poorly defined security KRI or Key Risk Indicators can give your senior management team a false sense of security but is a fear of presenting a potentially negative picture akin to the Hans Christian Andersen tale, ‘The Emperor’s New Clothes’? In this fairytale two tailors promise their emperor a new suit and tell him that

Climate Change Solved: GDPR mitigates climate change risk!
01/10/2019 CISO Blog, DPO Blog, Security Advisory Blog EditoratLarge

Whether you believe climate change is a real thing or not there is no arguing 16-year-old Greta Thunberg is making headlines. Her efforts to raise awareness about this key issue of our time are pretty impressive. Whilst some people don’t think climate change is real, as a person who believes in evidence-based decision-making, I am going to pin my colours

Technical Debt: A Cautionary Tale!
19/09/2019 CISO Blog, DPO Blog EditoratLarge

The better an organisation understands the technical debt borrowed by its project managers, the more likely its projects are to deliver the expected outcomes.

Securing small businesses – block ‘most’ external cyber threats with these four low-cost controls
12/09/2019 CISO Blog, Security Advisory Blog EditoratLarge

Securing small businesses is a different type of challenge to securing a larger organisation. Doing these four things could block most external cyber threats!
