First of what may turn into a series of GRC day-job-related posts. Here I’m highlighting challenges for anyone involved with system security audits or assessments. This isn’t about merits of various […]
Cybersecurity spending is like roulette – too much left to chance. Is it time to re-inject the intelligence and level the risk playing field, by changing the game?
She-ra. Space hosting. Status Quo. The Usual Suspects. TEA and Taylor Swift…what I said and didn’t have time to say at BSides London
Just like Schrödinger and his quantum feline, most companies are just making assumptions about the state of their cybersecurity risks.
Did you think you were a driving god when you first passed your test? Are you 100% compliant with the latest security standards? Could there be parallel lessons to apply to mitigating InfoSec risks?
When it comes to cyber, information, IT (or whatever you choose to prefix it with) security, where do you draw a compliant and cost-effective line? Where, between gold-plated and the status quo, is good enough?