Skip to content
  • About
  • Resilience
  • Analytics
  • Architecture
  • Testing
  • Management
  • Risk
  • Other
A black swan

Black Swan Security

A blog about cybersecurity.

Tag: assurance

March 14, 2020April 1, 2022 Phil

Triage in Supply-Chain Cyber Risk Management

Management, Risk, Security

During my career, I have helped several firms design and operate supply chain cyber risk management (SCCRM) programmes.  I have some ongoing concerns that I have posted about before about the industry focus on self-reported checklists of various quality. I also have some heightened concerns regarding the use of externally…

Read More
June 29, 2015April 1, 2022 Phil

20 questions on cyber-supply chain risk management

Management

I recently wrote an article for Banking Technology that has been generally well received, I’ve decided to include it here on the blog for future reference. I’ve enjoyed working with Banking Technology and thoroughly recommend the editor David Bannister who has clearly been around the block enough times and has a…

Read More

Recent Posts

  • What I’ve learnt writing cyber strategies with grand scopes
  • What do we protect in Cybersecurity?
  • Managing Identity Consciously
  • Why I don’t like PIGs in Security Risk
  • Security Folkways and Deliberate Security Culture
  • Homebrew Monte Carlo Simulations for Security Risk Analysis Part 2
  • Open Security Summit 2020
  • What are we missing in risk?
  • Commercial & Government Cyber Conversation
  • Through the barricades..
  • Modern Security Risk Presentation
  • What are Information Assets?
  • Dressing up security with Bow-Ties
  • Asset Management Measurement for Cyber
  • Triage in Supply-Chain Cyber Risk Management
  • Security on the Bottom Line
  • What is Likelihood?
  • What is Information Security Risk?
  • Serious Business?
  • Invest in the CIO, before the CISO

Tag Cloud

44con 27001 analytics architecture assurance big data board boardlevel ciso conference cyber cyber resilience cyber security cynefin data science engagement governance information security infosec leadership management measurement OODA pen testing principles protectivemonitoring regulation resilience resistance risk security security analytics security architecture zones trust securitymanagement security management security management cyber securitymonitoring security risk securitystrategy securitytest security testing strategy supply chain testing third-party

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

If you would like to ask a question or comment on anything I have written here please contact me via Twitter at @oracuk, if you can please link back to the post in question in your tweet.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 United States License.