I had cause recently to participate in a workshop considering identity across an enterprise and I wanted to share some of my thinking which was unexpectedly useful. Identity is a slippery thing, it has real world hooks but in the digital world it can be many-faceted and complex. Both real…
Category: Architecture
Good security is a conversation, not an argument. Part Two.
In my previous post, I outlined why I feel the lack of good conversations between security practitioners and other people in their organisations leads to poor outcomes. A crucial part of the challenge is the need to truly develop a dialogue both parties need to listen to the other. “This…
A change to the cyber risk landscape
On June 27th 2017 a cyber-attack called ‘NotPetya’ was launched against a large number of firms. The attack was notable for three reasons; it used a third-party software update mechanism to spread, it was a geopolitically motivated destructive attack that caused extensive damage to uninvolved bystanders it used automated techniques…
The Future of Security Automation.
It is entirely possible I am about to have a flying car moment. Recently I have been asked by a variety of product vendors and security consultancies for my opinions on the future direction of security and where they should be focusing their innovation efforts. I’m honestly not sure why…
The security opportunity in Digital
Four years ago I discussed some of the characteristics of cyber security that made the use of the term useful, this was at a time when the use of cyber security was widely derided by practitioners of IT security and Information Security. One of the common complaints was that Cyber…