This blog series is a re-tooling of a white paper I drafted in May 2015 while working at Stroz Friedberg. I want to thank Stroz Friedberg for the support and time to develop these ideas and specifically want to thank Bill Trent and Simon Viney from Stroz Friedbergs London office for…
SOC Value Chain & Delivery Models
I was recently working with a firm to develop their Security Operations Centre (SOC) from a good but limited capability to a mature enterprise capability. While working through the maturity assessment, formalising their requirements and developing a roadmap we needed to consider a variety of delivery model characteristics. To draw…
A Rising Tide of Cyber Regulation?
I don’t envy regulators their task of ensuring the firms they supervise are managing their cyber risk well. The increasing dependence of firms and whole sectors on information technology (IT) and operational technology (OT) was always a creeping concern but has accelerated dramatically as a result of the ‘digital’ movement…
Security Operations and the OODA Loop
I’ve mentioned Boyd’s OODA loop in a previous post but I thought it would make sense to share how I view the OODA loop driving the development of security operations. This is in contrast to the common derivation of the Deming cycle, that is often used in security programmes: Plan, Do, Check,…
Measuring Black Boxes, part one
I have been attempting to capture the process or to be more accurate the heuristics of how I analyse security architectures. This was originally driven by the time it took me to document my conclusions and the lack of any particularly well-suited tooling but has increasingly become an attempt to…