assurance
Cities, Disneyland, and Software Security
I like to think of our modern software infrastructure as being like a large city and posing the same trade-offs between risk and reward. We don’t wander carelessly around cities because of ...
What Do IT Auditors Really Do?
To operations, technology and cyber security leaders, auditors are often seen as a necessary evil. As a result, how audits are actually delivered often feels like witchcraft. So what exactly do they ...
Innovation Vouchers for Cyber Security
The Technology Strategy Board within the UK has recently provided access to funding (up to £5,000) for SMEs, entrepreneurs and early stage start-ups looking to gain assurance around their ‘Cyber Security’.Funding IT Security ...
Resilient Information Security
I recently had the opportunity to speak at the Edinburgh Symposium on Information Security: Governance, Sharing and Risk in a Digital Age on the topic of resilient information security. Testing for an organisation's resilience to an Information Security ...
Threat: The Missing Component.
Threat: The Missing Component.It is now widely acknowledged that risk management is the best way to manage security and security risks are beginning to be integrated into organisations’ business risk management structures ...
The 7 Elements
A question I am often asked is what is behind the name '7 Elements'. So for this blog post, I am going to explore this in more detail and go through each ...
