Posts categorized: JC’s Column
11 July 2024 / JC's Column / JC Gaillard
Where trust is present between CISOs and top executives, justifying investments is rarely a problem. This interesting piece caught my eye on social media and deserves some commentary (5 Key Questions CISOs Must Ask Themselves About Their Cyberse… Read more »
25 April 2024 / JC's Column / JC Gaillard
There is something of a governance malpractice in bringing in a new expert for every problem the Board may encounter I am not sure what to make out of this recent report from Diligent and BitSight. It is interesting by the size of its sample (in… Read more »
8 February 2024 / JC's Column / JC Gaillard
Cyber resilience needs clear accountability from the top In January 2024, the UK government launched a consultation around a proposed “Cyber Governance Code of Conduct”, the design of it, how to drive its eventual uptake and the need for some fo… Read more »
23 November 2023 / JC's Column / JC Gaillard
Data may be “the new oil” for the manufacturing world but it cannot be taken for granted This interesting piece in the Journal of Petroleum Technology made me think, not least because it does not mention in any way the data security imperative that nee… Read more »
7 September 2023 / JC's Column / JC Gaillard
Looking for hybrid profiles that cannot exist is just fuelling the perception of a cybersecurity skills gap Commenting on one of my Linkedin posts, one of my readers mentioned “absurdly dissonant requirements” in CISOs role descriptions, mention… Read more »
15 June 2023 / JC's Column / JC Gaillard
Research suggests only 14% of CISOs appear to have the skills required but does it really matter? A recent survey by IANS Research highlights that only 14% of CISOs appear to have the skills required to sit at Board level. The findings have been… Read more »
6 April 2023 / JC's Column / JC Gaillard
It’s often trying to go too fast with the wrong leadership baggage that drives CISOs to failure. The cybersecurity narrative on social media remains driven by the misleading messages of tech vendors, and dominated by considerations of insufficient inve… Read more »
5 January 2023 / JC's Column / JC Gaillard
More than ever, simply throwing money at tech vendors while ignoring underlying cultural and governance issues will not cut it in the years ahead. Every year around November, and for a few months, predictions of all sorts start to appear for the… Read more »
24 November 2022 / JC's Column / JC Gaillard
You Are Not Going to Fix Your Cyber Security Problems by Buying More Tech For the last 20 years, large organizations have been spending significant amounts of money on cyber security products and solutions, on managed services, or with consultan… Read more »
22 September 2022 / JC's Column / JC Gaillard
It’s about time we go back to basics with most of our cyber security commentaries Re-reading some articles I wrote years ago, it worries me that I would hardly change a word in this 2016 piece (“Cyber Security: When True Innovation Consists of Doing No… Read more »