Board of Cyber

I have a lot of sympathy for UK boards of directors.

UK boards of directors have had cyber pushed onto their agenda by the government, regulators and the Financial Times for several years. Unfortunately many board members are often ill-equipped to fully understand the executive decisions regarding cyber they have now been prompted to review. This is exacerbated by a similar lack of understanding of cyber security among executive management teams and a lack of communication skills and business acumen among CISOs.
Read the rest of this entry »

Resilience is the new cyber security

This was a short introductory presentation I gave at the Investment Week Fund Management Summit in October 2015. This was a 30 minute presentation to a non-specialist and in some cases non-IT audience and as such it is higher-level and much of the material was discussed verbally rather than on the slides. That said it was well-received and I think helped some of the audience understand some of the issues around ‘cyber’.

Cyber Resilience: Managing Cyber Shocks

These are the slides supporting a presentation on the need for and the concepts behind Cyber Resilience and how it differs from Cyber Resistance. I talked about these concepts previously in the ICI Global Cyber Security Forum keynote I delivered and my notes from that speech are available here.

Managing Insider Risk

A short presentation I gave to the July 2015 NED Forum on using the ‘Critical Pathway to Insider Risk’ to Manage Insider Risk. This was a very conversational event so the slides are even more terse than usual. I’ve removed a slide on my employers proprietary technology in this area. This was a small gathering but a vocal and interactive one.

For more background on the Critical Pathway to Insider Risk I recommend the following paper [PDF].

ICI Global Cybersecurity Forum 2015 Keynote: Cyber Resilience

Yesterday I was lucky enough to be given the opportunity to deliver the keynote for the ICI Global Cybersecurity Forum in London. It was a great event with some seriously considered debates, some well run panels and lot of practitioners I hadn’t met before. I’ve decided to publish my speaking notes here, I rambled all across these notes and embellished in many places but these reflect the main body of my speech. I was especially pleased with the level of engagement after I spoke, mostly to prove I wasn’t as bad as I feared, but also it showed I had touched a nerve with many on the room.

I include my speaking notes below, these borrow heavily from a draft whitepaper I have been writing and sharing with clients and other stakeholders for their comments.

  Read the rest of this entry »

Twitter RSS