Confirm whether you are in or out of scope of the #GDPR and ask yourself why that's important.
There can be no security without data protection. There can be no data protection without security. Of course neither is true. These kinds of click-baity absolutist positions are a pervasive interne...
https://infospectives.co.uk/data-protection-security-and-the-gdpr-a-fuzzy-and-fraught-relationship/
So you've found, sorted and mapped data, but can you implement required processing controls? #GDPR
https://infospectives.co.uk/gdpr-youve-analysed-the-gaps-but-can-you-close-them/
Some time ago Jenny Radcliffe (internationally respected social engineering, people risk, and negotiations expert) asked me to be a guest on her new Human Factor podcast. I was delighted to accep...
Lessons learned along the way and plans to help you avoid FUD-provoked GDPR investment
82% of boards are concerned about cybersecurity… …and the UK Parliament think your CEO’s salary should be linked to your firm’s cybersecurity… …but who is really accountable? This J...
https://infospectives.co.uk/so-your-ciso-owns-your-cybersecurity-risks/
The first post called out fairly damning findings about the state of vendor security governance at most firms, and looked at the criticality of: Early engagement; Doing triage; Clarity about vendor...
https://infospectives.co.uk/vendor-cybersecurity-governance-must-haves-part-2/
Who is viewed as formal owner of your cybersecurity risks? A poll for anyone in any organisation. This isn’t asking who should be risk owner, it’s asking who the majority of staff think ow...
https://infospectives.co.uk/poll-who-is-your-cybersecurity-risk-owner/
Does your #SupplyChain #Cybersecurity #RiskManagement reflect your security dependence on 3rd parties?
https://infospectives.co.uk/vendor-cybersecurity-governance-10-must-haves-part-1/
Out with the old and in with the new. Musing on a personal and #InfoSec transformation
https://infospectives.co.uk/death-taxes-security-transformation/