Posts categorized: Strategy and Governance

6 February 2020 / Strategy and Governance / JC Gaillard

Large firms with multi-million IT and security budgets should not end up in the mess we have seen with recent ransomware incidents. Period.   Recent ransomware incidents at Travelex in the UK and Bouygues in France profoundly challenge the way cyb… Read more »

28 November 2019 / Strategy and Governance / JC Gaillard

Outsourcing something simply because you don’t understand it is rarely a good start. Faced by constant reports of cyber-attacks in the media, most small and medium-size organisations have woken up to the reality of cyber threats over the past few years… Read more »

22 August 2019 / Strategy and Governance / JC Gaillard

One Board member must be in charge and their pay package must ride on it In 2015, in the wake of the TalkTalk data breach which made a massive impact in the UK media and even got politicians involved, we first explored the key questions the Board shoul… Read more »

18 July 2019 / Strategy and Governance / JC Gaillard

The Tactical Trap Many CISOs struggle to look beyond day-to-day firefighting and get trapped in tactical games. We highlighted this last year in the context of our “100 Days” series and it is one of the major factors preventing organisations from devel… Read more »

6 June 2019 / Strategy and Governance / JC Gaillard

Bake it in from the start: “Moving fast and breaking things” will become a thing of the past as customers and investors take security and privacy more and more seriously It seems that security is still – at best – an afterthought for most start-ups as… Read more »

11 April 2019 / Strategy and Governance / JC Gaillard

In anything but name, data is today’s most used currency. In the current business paradigm, structured by big tech firms over a decade ago and replicated since by a number of online platforms, individuals willingly provide their personal information in… Read more »

14 March 2019 / Strategy and Governance / JC Gaillard

No longer just as an equation between risk appetite, compliance requirements and costs The “When-Not-If” paradigm around cyber-attacks is changing the deal completely around cyber security. Many large organisations now assume that breaches are simply i… Read more »

31 January 2019 / Strategy and Governance / JC Gaillard

Excessive complexity and lack of first line integration render many GRC metrics useless Many CISOs complain of communication problems with their business. They are not being listened to. They are not getting the budget they think they should get. They… Read more »

17 January 2019 / Strategy and Governance / Corix Partners

Cyber security is becoming a matter of good corporate governance, good ethics, and quite simply – good business Cyber security has risen as a key issue on the radar of virtually all organisations. As a recent AT Kearney report suggests, cyber-attacks h… Read more »

6 December 2018 / Strategy and Governance / JC Gaillard

Why large organizations still struggle with decade-old security problems – and how to fix them The last 12 months have been dominated by GDPR and non-stop data breaches: Facebook, British Airways, Marriott … have all been in the news. It is still unkno… Read more »