Posts categorized: JC’s Column

3 January 2019 / JC's Column / JC Gaillard
Talent alienation is the biggest issue behind the cybersecurity management skills gap, but it shouldn’t be the case Who wants to be a CISO these days? And at which stage in your career should you consider the move? What balance of managerial and techni… Read more »
Read More
8 November 2018 / JC's Column / JC Gaillard
Simply throwing money at the problem is rarely the answer Many CIOs and CISOs would have come across this situation after an incident, a serious near-miss or a bad audit report: Suddenly, money and resources – which were previously scarce – appear out… Read more »
Read More
16 August 2018 / JC's Column / JC Gaillard
Quite a lot will now go down to the regulator’s appetite So … May 25th came and went, quickly followed by the football world cup and a heatwave which wrecked most of Europe and many other parts of the world … Around the GDPR, bureaucracy claimed… Read more »
Read More
21 June 2018 / JC's Column / JC Gaillard
The traditional role of the CISO is changing. It is being challenged by emerging new regulations such as GDPR, which are impacting all industry sectors, and the arrival on the scene of the new role of the DPO in many firms. It is being marginalised by… Read more »
Read More
24 May 2018 / JC's Column / JC Gaillard
Is the CISO an outdated concept? And what to do about it? The last SASIG meeting in London on 8th May 2018 examined the role and career of the CISO. It is hard to walk out of an event like this one not feeling that a number of things are seriously goin… Read more »
Read More
26 April 2018 / JC's Column / JC Gaillard
Nothing will change until the profile of the CISO is raised and they start to see their role over the mid to long-term Surveys suggest that the average tenure in a CISO position is around 2 years. Although it seems to vary depending on industry sectors… Read more »
Read More
15 February 2018 / JC's Column / JC Gaillard
GDPR has been at the forefront of privacy, security, risk and controls discussions in many firms since last year. Many are in the midst of large scale “compliance” programmes, spending enormous amounts with the view of achieving something by the 25th o… Read more »
Read More
4 January 2018 / JC's Column / JC Gaillard
People simply trust other people This excellent November piece from McKinsey on cyber security deserves a comment (“A Framework for Improving Cybersecurity discussions within Organizations” – Jason Choi / Harrison Lung / James Kaplan). The visualizatio… Read more »
Read More
19 October 2017 / JC's Column / JC Gaillard
Security is not about “enabling” the business but “protecting” it At the end of a keynote speech I gave at the excellent CIOWaterCooler LIVE! Event in London on 28th September 2017 on security organisation, governance and creating the dynamics for chan… Read more »
Read More
10 August 2017 / JC's Column, Strategy and Governance / JC Gaillard
Cyber Security is not a Risk Describing Cyber Security as a risk is a language oddity that keeps appearing at an alarming rate. It is a dangerous and simplistic shortcut, typical of the shallow nature of some debate taking place around these issues on… Read more »
Read More