So you've found, sorted and mapped data, but can you implement required processing controls? #GDPR
Some time ago Jenny Radcliffe (internationally respected social engineering, people risk, and negotiations expert) asked me to be a guest on her new Human Factor podcast. I was delighted to accep...
Very unusually for me (being a very busy working Mum of 2) I had two trips away to conferences in the last 2 weeks. The first was RANT and the second was
The first post called out fairly damning findings about the state of vendor security governance at most firms, and looked at the criticality of: Early engagement; Doing triage; Clarity about vendor...
Does your #SupplyChain #Cybersecurity #RiskManagement reflect your security dependence on 3rd parties?
Blockchains are tackling the 'I' in the holy InfoSec CIA trinity more simply and robustly than anything that's gone before, but can we grasp this well enough to avoid expensive purchasing and sec...
Update 3rd June – We WON! 🙂 Best New Security Blog 2015. It seems only yesterday I was astounded by the social security blogger award nomination and now look what’s happened! A
As some who follow me on Twitter know, I occasionally tweet a bite-size analogy. Sometimes with, sometimes without pics that cheer me up. A few folk have shown their appreciation by viewing,
About half of internal audit’s key stakeholders do not believe that internal audit is either delivering the value it should or addressing the risks that matter
A post looking at an apparent security awareness anachronism - more security knowledge seemingly breeding denial about security