A “Compliant Culture” isn’t a corporate buzzword, nor a simple deference to regulatory rules and guidance. Rather, it’s a combination of leadership authenticity with a deliberate leadership action of proactively creating an environment where employees want to come in to the workplace to do the right thing – each day and all day.

The unrelenting number of cybercrime breaches reported each week would seem to buttress the traditional school of thought that a cybercriminal’s capability increases the chances of a successful breach of a firm’s cyber defences. However, I often debate the question ‘are cybercriminals really becoming more capable in this age of the dark web and the…

When Visa holds its post-incident review discussions into the outage on Friday that caused widespread ‘chaos’ for its customers across Europe, the company’s Board, CIO, CISO etc. should congratulate their technology and InfoSec teams for a brilliantly-executed disaster recovery plan. Risk Management When planning to mitigate technology risk, there are two generic risk tactics to…

Following my Equifax post last week, I’ve had numerous calls from women (and a few men) keen to progress in the Cybersecurity industry, and after I sat and passed my Corporate Finance Regulations paper on Monday (finally!), I’ve booked a few Skype conferences for this week and next week. Now for a long time, well-meaning…

Cybercriminals don’t care TBH…
Cybercriminals don’t seek to prove or disprove the CISO’s qualifications, in all truth; all they care about testing is our ‘defence’ – which consists of software, hardware and – most importantly, our security teams who do the actual physical work to defend the corporate systems. If we respect and acknowledge each and every team member…

Keeping it Simple – The Equifax CISO’s Qualifications!
So the former Equifax CISO, who’s most likely feeling pretty low over the security breach – has subsequently borne the brunt of many professionals mocking her ‘music’ degree – presumably suggesting the lack of a technical degree caused the breach! Let’s consider this fact: Between 2016/17, the FBI, Yahoo, Sony, TalkTalk, and even LinkedIn –…

The Big Risks of your Tiny USB Stick
So you’ve been handed a brand ‘new’ USB (Memory) stick from a conference you’ve attended, or you’ve found a misplaced USB stick on the floor inside or outside the office, and you want to find out what’s on it so you can return it to its rightful owner; so what’s the first thing you do…

Diversity & The Glass Ceiling – Inverted
Regulation can never be the solution to getting more women into IT or Cybersecurity – or getting more BAME or female professionals on boards. Indeed, if you force diversity on a leadership group – the resultant resentment towards the perceived recipient of favour – i.e. whether that’s a BAME professional or a woman – isn’t worth…

The $2 Trillion Dollar Cyber Crime Industry and the Corporate Board’s Fiduciary Responsibilities
With Cybercrime’s annual turnover projected to reach $2 TRILLION dollars by 2019, Boards need to step up the engagement of CISOs and CIOs at the board table. Why are CIOs/CISOs still struggling to get a seat at the table? Not because board executives don’t understand security or technology, and not because CIOs/CISOs aren’t speaking ‘strategy’ language…