Cyber Security: The Board of Directors Needs to ask the Real Questions
In August 2014, the US-based Institute of Internal Auditors Research Foundation published (together with ISACA at their 2014 GRC joint conference) a research report focused on what the Board of Directors needs to ask in relation to Cyber Security.
As we approach the 2015 GRC Conference – to be held in Phoenix, AZ on 17-19 August – J.C. Gaillard of Corix Partners offers his views on the 2014 report, and his own take on the key questions the Board of Directors should consider around Cyber Security.
More Control, Less Risk
This article discusses the importance of technologists focusing more on threats and controls and less on risk in order to build an effective Cyber Security Practice.
It shines a light on the typically risk-focused nature of the industry and why shifting that focus onto the implementation of effective controls to protect an organisation against real threats is key to effective Cyber Security. It also discusses the disconnect in viewpoints between technologists and business users – and how this can lead to a dangerous position, whereby an organisation develops a false sense of protection against cyber threats and cyber-crime.
Information Security: Three Governance Challenges for the CIO This Year
In this article, JC Gaillard from specialist firm Corix Partners examines the relationship between the CIO and information security, including some of the core challenges faced by the CIO when trying to influence change in what has historically been a poorly governed area across many large organisations.