As part of my new role, one of my first tasks has been to develop a cybersecurity strategy for the...
IT Security Central
IT Security Central
5 min read
Probability times Impact Graphs (PIGs), sometimes called a risk matrix, are endemic in security risk assessment and management. They were...
Previously I wrote about how I had implemented the simple quantitative analysis from Doug Hubbard’s book ‘How to measure anything...
Security culture remains an elusive amorphous ‘thing’ that we all aspire to improve but don’t really understand why or how....
2 min read
This was a busy week but once again the Open Security Summit proved why it is one of my favourite...
3 min read
I’ve recently been talking with some executives who bemoan the risk management in their organisations. They don’t trust the risks...
2 min read
I was speaking with a peer recently about the value of bow-tie diagrams and how they allow you to separate...
In these remote-first times I recently took part in a zoom conversation led by Henry Harrison at Garrison on the...
3 min read
This is the first installment of a three part series.. Over the next three installments, let’s work through the reality...
1 min read
UWEBC INFORMATION TECHNOLOGY PEER GROUP MEETING Value of IT: Using Metrics to Build a Narrative of IT’s Impact within the...