11 June 2015 / Leadership Development, Strategy and Governance / Neil Cordell
Another commonly held view across Information Security communities is that Information Security needs to be primarily a technical discipline. At face value, this view doesn’t make sense because Information exists in both physical and digital forms – an… Read more »
4 June 2015 / Leadership Development, Strategy and Governance / JC Gaillard
Another commonly held view across Information Security communities is that Information Security needs to be everybody’s responsibility. This is the cliché against which countless Security awareness development programmes have been justified – and while… Read more »
2 June 2015 / Guest Blog / Richard Preece
Developing Organisational Cyber Resilience – A Core Process for Digital Transformation Digital transformation and innovation is one of the key agendas for almost all enterprises. As the world becomes increasingly hyper-connected through digitisation, e… Read more »
28 May 2015 / Strategy and Governance / JC Gaillard
Pin tactical initiatives against a long-term Information Security roadmap, and treat the root causes of problems: Fire-fighting alone breeds bad practice Another commonly held view across Information Security communities is that the CISO can only be a… Read more »
21 May 2015 / Strategy and Governance / JC Gaillard
Focus resources on the proper implementation of key Controls and sell success, instead of constantly following the latest technology trends Another commonly held view across Information Security communities is that Information Security is critically an… Read more »
14 May 2015 / Leadership Development, Strategy and Governance / JC Gaillard
Create a sense of reality around the threats and do not focus only on IT aspects: Talk to your business in its own language about Security. Another commonly held view across Information Security communities is that the business doesn’t really care abou… Read more »
7 May 2015 / Leadership Development, Strategy and Governance / JC Gaillard
Think of Information Security as a Control function and not as a Support function. There is a commonly held view across Information Security communities that Information Security should be an “enabler” to the business. This is simply the wrong debate a… Read more »
30 April 2015 / Strategy and Governance / JC Gaillard
To many organisations, Information Security is something which has historically been approached from an audit or compliance perspective. Questions such as “what do we need to do in order to correct these audit issues?” and “which boxes do we nee… Read more »
24 April 2015 / JC's Column / JC Gaillard
Describing Cyber Security as a risk is a language oddity that keeps appearing at an alarming rate. We have already highlighted this in an earlier article in March published on Computing.co.uk. It is a dangerous and simplistic shortcut, typical of the s… Read more »
16 April 2015 / Strategy and Governance / JC Gaillard
This article examines the organisational relationships between the role of the Chief Information Security Officer (CISO) and the corporate environment around it, with a focus on why reporting lines are essential and how they should be structured. Why i… Read more »