Category: Information Security

Cyber Security

Cyber Security: The Six Questions the Board Needs to Ask

Fundamentally, the Board of Directors needs to go back to basics on cyber security matters: Time has now gone to continue approaching cyber security purely from a Risk perspective. Risk is ultimately about “things that may or may not happen”. When it comes to cyber security, the Board should start from the premise that cyber attacks are a matter of “when”, not “if” – and should shift the focus towards understanding and managing what is actually getting done to protect the organisation.

Cyber Security

Cyber Security: When True Innovation Consists of Doing Now What You Should Have Done Ten Years Ago

We are coming to a point in many large firms where true “innovation” in the cyber security space does not consist in deploying the latest tools, but in going back to the governance drawing board.

Role of CISO

The role of the CISO, the CIO and the Board

In earlier articles, we have examined the challenges of the CIO around Information Security, the importance of the CISO reporting line, and the fundamental role the Board of Directors has to play to drive security transformation.
Here, we revisit and develop further some of these aspects in line with new reflexions and some feedback we received.