Category Archives: Cyber security

Can cyber security be a business enabler?

By | Cyber security | No Comments

Recently, I've been talking a lot about business-driven communication in security, building trust and the value proposition. I've incorporated these things into my high-performance coaching and training programmes for years, as communication—the imparting or exchanging of information by speaking, writing, or using some other medium—is vital for today's savvy and progressive cyber security leaders.

You see, cyber security is topical and it’s exposing all of us in the industry to new areas. As people buy people, even if you don’t think you’re selling something in security, people are always buying. They’re buying into you—your mission, vision, leadership—and deciding whether or not they trust you. Creating trust is therefore vital if you’re going to enable stakeholder buy-in, move a project forward, get a promotion, a bonus, a new job or a speaking opportunity, make sales and attract top talent.

And business-driven conversations around security, when you're meeting your buyer where they're at and seeing things through their lens, build trust. They elevate you to another level. They differentiate you from the crowd. From the average. Read More

Security through procurement


In May 2008, I wrote a blog about security through procurement. I wanted to make a case for it as it seemed such a logical thing to do. As it's still as relevant today as it was then – over a decade later – and as it follows on nicely from my DevSecOps blog, I thought it worth sharing.

Here's what I said.

Consider the fact: if it costs the same to install or develop a system (badly), as it does to install or develop it securely; why would you leave the choice to your supplier? The answer is you wouldn’t. Yet so many businesses actually do just that – they design and deploy systems without considering the security aspects from the outset leaving their businesses wide open to attack and unnecessary spiralling costs. This blog explores a couple of simple actions that can be taken in order to ensure that this doesn’t happen.

Typically when a business unit identifies a new venture, it creates a set of business requirements. These are passed to the IT department to interpret and a set of technical requirements are produced. Suppliers are then selected and another level of interpretation occurs. Quite often it’s pot luck as to whether the response resembles something similar to the original business requirement. By the time internal audit and information security get sight of them, they've usually been installed and functional for months. At this point, more often than not, the organisational policies and standards are found to be incompliant and significant unexpected costs are often incurred to rectify the matter.

And all this is totally needless.

Read More

Looking back at DevSecOps. Is it still polarised?

By | Cyber security, Uncategorized | No Comments

Back in 2004, I wrote a blog about secure development or what we now refer to as DevSecOps. Owning a leading penetration firm, we were doing a lot of evangelising about the secure development lifecycle (SDLC). Anyway, although the blog is well on its way to entering its second decade, I think it's just as relevant today as it was then, with pertinent lessons to learn. And this is why I want to share it with you.

Here's what I wrote. Read More

Women in red ball gowns at Infosec. Why I spoke out.


Listen you little wise-acre. I'm smart. You're dumb. I'm big, you're small. I'm right, you're wrong. And, there's nothing you can do about it.

Roald Dahl's heroine Matilda’s father Mr Wormwood was a bully, and he was wrong. At five and a half years old, Matilda could do something about it, and she did. She righted a wrong. And, she used her ‘special powers' to do so.

This week reminds me of her story and strength, plus my own special powers. So, let's start with one of them – communication – and two of the most important words you'll ever use.

I am.

These words are so powerful because what you put after them shapes your reality.

Cue me, and my Infosec ‘booth babes' story.

I am a leader. I am strong. And, I am humbled to learn.

Read More

How to use labels to get you ahead in cyber security


I grew up labelled.

As a baby I cried. Let's correct that. I screamed. So, the first label I acquired was “SCREAM-ER!”

As a three-year-old I was a bright kid. But, the one a parent despairs of, and is secretly desperate to farm off to a nursery, pre-school, or kindergarten. Truth be told, anywhere that will take them. And, as soon as possible.

When my mother collected me from nursery, by the end of the week, they were using a certain word to describe me.

“BELLIGERENT.”

I wasn't allowed to return. My mother wasn't happy. She now became the screamer and blamed my father. Apparently he'd been playing a game with me. He'd knock me over and then encourage me to do the same to him. Unfortunately, when I did this to other children they didn't understand it was a game, or find it funny, like I did.

Nor did the teachers. Read More

How to use the GDPR to enable business & increase revenue


In the spirit of full disclosure, please be aware that I’ve received compensation for promoting this #ad for Microsoft’s Modern Workplace Episode. Because your success is important to me, I only align myself with brands I believe in, and Microsoft is one of them.

If you're feeling overwhelmed about the GDPR, I wouldn't blame you. The clock is ticking. In six months the GDPR will become law and its impact will be felt. With so much negativity and scaremongering surrounding this new legislation, I want to turn the GDPR on its head and look at some of the benefits it’s going to bring.

It’s certainly what the guests on Microsoft’s latest episode of Modern Workplace have been talking about. Featuring Elena Elkina, Partner and Co-Founder of Aleada Consulting and David Kemp of Micro Focus, both discuss this new data privacy legislation in terms of the drivers, ethics, and business impact.

So, let’s get stuck in.

Read More

The minimalist guide to the GDPR


In the spirit of full disclosure, please be aware that I’ve received compensation for promoting this #ad for Microsoft’s Modern Workplace Episode. Because your success is important to me, I only align myself with brands I believe in, and Microsoft is one of them.

I was on a training course the other week, with dozens of small to medium-sized business owners. As tends to happen at this kind of thing, whenever I mention I work in cybersecurity, faces light up. And, as soon as we break for refreshments, people approach me with question after question. They want to know about one topic in particular – the GDPR.

To know more about the GDPR, watch Microsoft’s latest episode of Modern Workplace, which is available today.

I tell them what I’m about to share with you now. Read More

The great GDPR hoax


One of my favourite stories as a child was Chicken Licken. I'm sure you'll know it, but in case you don't, it's a macabre folk tale about a chicken who believes the “sky is falling down” after an acorn lands on his head. Hysterical about the impending disaster, he rushes off to tell the king, amassing followers in the process, and leading them to their untimely death. Whilst the story teaches children about courage, the main lesson they learn is not to follow blindly and believe everything they're told.

It's a good lesson and this simple children's story reminds me of where we are with the GDPR right now. If we're to believe everything we're told at conferences, or read online about it, things look pretty bleak.

Read More
