Tagged: Governance

Large Firms: What role for the Group CISO?

The role of the CISO and their reporting line seems to be a continuing topic of discussion amongst cyber security professionals. It is increasingly a major source of concern in a world that is more and more “hyper connected” and where data is the real “fuel” the business needs to burn on its journey towards digital transformation. Often at the top is a Group CISO, but what could their role be in such a context? And how to make it work?

The CISO and the Business

Keep appointing pure technologists in CISO roles and you’ll never win

The WannaCry ransomware attack that affected so many large firms in May 2017 led to a number of animated...

Managing Risk or managing risks?

There are many risk management methodologies in existence, but it is not uncommon to come across large firms still following simplistic, dysfunctional or flawed practices today, in particular around operational risk management.

The main issue with many of those approaches is that they are plagued by a fundamental theoretical issue, which goes far beyond semantics: there is an abyss between managing “Risk” (broadly defined as “the impact of uncertainty on objectives”) and managing “risks” (events or scenarios that might have an undesirable outcome).

Poor IS Governance: A Recipe for Chaos

You can’t effectively implement brand consistency without first establishing some clear brand guidelines, and the same rule applies to Information Systems. Deploying information management systems without any guidance on how and when to use them is a surefire recipe for chaos.

CIO WaterCooler