Posts categorized: Strategy and Governance
7 June 2018 / Strategy and Governance / JC Gaillard
Driving security transformation is becoming key; not justifying investments The age-long debate around security metrics and dashboards seems very much alive within the CISO community. But it is often positioned in an outdated historical perspective. Fo… Read more »
10 May 2018 / Strategy and Governance / JC Gaillard
The right reporting line is the one that works. Period. *** Watch JC Gaillard talk through the content of this article and more at this ADCG webinar on 27th October 2021 *** Why are so many organisations and security professionals still worried… Read more »
5 April 2018 / Strategy and Governance / JC Gaillard
The GDPR is not just about Security, but it has been dominating the life of many CISOs since last year. Notoriously, the regulation contains only a few actual references to data security. Article 32 mentions the need to have “appropriate” technical and… Read more »
21 September 2017 / Strategy and Governance / JC Gaillard
A Security Governance Handbook for the CISO and the CIO I have been involved with information security matters for almost 20 years and started writing regularly on the topic in 2015. Talking to CISOs, CIOs and their teams as part of my day-today field… Read more »
24 August 2017 / Strategy and Governance / JC Gaillard
With the clock ticking, time to take GDPR seriously and put “consumers and citizens first” GDPR has been a massive topic of discussion in the Security, Risk and Compliance industry since last year. However, many organisations – large and small – are st… Read more »
10 August 2017 / JC's Column, Strategy and Governance / JC Gaillard
Cyber Security is not a Risk Describing Cyber Security as a risk is a language oddity that keeps appearing at an alarming rate. It is a dangerous and simplistic shortcut, typical of the shallow nature of some debate taking place around these issues on… Read more »
27 July 2017 / Leadership Development, Strategy and Governance / JC Gaillard
The role of the CISO and their reporting line seems to be a continuing topic of discussion amongst cyber security professionals. The same title often hides a large diversity of roles, positioned differently across their respective organisations. It oft… Read more »
15 June 2017 / Leadership Development, Strategy and Governance / JC Gaillard
Keep appointing pure technologists in CISO roles and you’ll never win The Wannacry ransomware attack that affected so many large firms in May 2017 led to a number of animated discussions amongst InfoSec communities. The corrective patch (fixing the vul… Read more »
18 May 2017 / Strategy and Governance / JC Gaillard
12 months to go and nowhere to hide as potential fines could reach tens of millions for large firms by next year Many IT departments in large firms are increasingly concerned with business units contracting directly with service providers, as opposed t… Read more »
4 May 2017 / Leadership Development, Strategy and Governance / JC Gaillard
Corporate culture and the profile of the CISO are key, over and above any arbitrary organisational consideration It is astonishing to see the amount of interest still surrounding the reporting line of the CISO. The fact that it is still a topic of seri… Read more »