Tag: ciso

Tag: ciso

API Security – Are You Secure from OWASP 2019 Top 10?
03/01/2020 CISO Blog, Security Advisory Blog admin

Firstly, Happy New Year. 2020 is going to be an exciting year for Fox Red Risk. We have lots of cool new offerings in the pipeline to support businesses large and small in the thankless task of keeping secure. If you have resource gaps and need support, then let us know. Right, back to the

Read More
Security Incident Avoidance – Hackers know we’re away for Christmas…
23/12/2019 CISO Blog, Security Advisory Blog admin

It’s that time of year where many of us will be ensuring our organisations can still deal with a security incident whilst most of the workforce are at home watching Christmas movies like Die Hard – yes, it’s definitely a Christmas Movie. Hackers know businesses are running on skeleton staff during the holiday period so

Read More
Strategy – Can a CISO learn from the 2019 General Election?
13/12/2019 CISO Blog, Security Advisory Blog admin

Security Strategy – What lessons can CISOs learn from the UK Gerneral Election 2019 when devising and delivering a security strategy? Here are three…

Read More
Security Awareness Training Dies. My 2020 Prediction
11/12/2019 CISO Blog, Security Advisory Blog admin

My prediction is that 2020 will be the year security awareness training dies…and not before time…

Read More
Cybersecurity Strategy – Organise to Operate
07/12/2019 CISO Blog, Security Advisory Blog admin

Cybersecurity strategy is being “organised to operate”. A principle that is fundamental to developing an effective cybersecurity programme. Here’s why…

Read More
Security Audit – Are you a ‘Quiddler’?
26/11/2019 CISO Blog, DPO Blog, Security Advisory Blog admin

Are you a Quiddler? No, this is not some fanboi reference to Harry Potter (I’ll be honest I haven’t read one of the series, I’m a proper muggle!). Quiddling, however, is a very real problem in the world of Security Audit. If you want to know more, keep on reading. You could be one of

Read More
Security KRI – Are the Management Team walking around naked?
15/10/2019 CISO Blog, Security Advisory Blog admin

Poorly defined security KRI or Key Risk Indicators can give your senior management team a false sense of security but is a fear of presenting a potentially negative picture akin to the Hans Christian Anderson tale, ‘The Emporer’s New Clothes’? In this fairytale two tailors promise their emperor a new suit and tell him that

Read More
Technical Debt: A Cautionary Tale!
19/09/2019 CISO Blog, DPO Blog admin

Once an organisation understands the technical debt borrowed by its project managers the more likely projects will deliver the expected outcomes.

Read More
Security ROI: The only Board-level cybersecurity metric you’ll ever need.
04/09/2019 CISO Blog admin

if the CISO isn’t providing their Board with a security ROI figure, then it’s quite probable the organisation is spending too much on the wrong things.

Read More
CISO role: All C and no IA, the 33% CISOs failing their organisations!
23/08/2019 CISO Blog admin

In the last (maybe…) of my three-part CISO rant series (See Part One and Part Two if you want to catch up) I am going to wrap up with a rant about the 33% CISOs not giving their organisations of a full CISO role. These are the CISOs who think their role is solely about

Read More