I have been overthinking cyber risk. I’ve been trying to build a reliable model that I could rely on to mechanism my risk assessments. I’ll continue to refine my ideas because I enjoy the intellectual challenge. However, I am of the opinion that until we have the cybersecurity equivalent of…
Tag: management
Talking Up Security
A keynote I gave to GDSCon 2017 on how security practitioners should engage with senior executives. Talking Up Security from Phil Huggins FBCS CITP
Strategic Security Management Challenges
I was recently asked by a consultancy firm to provide a keynote talking about the challenges I had faced as a security leader during my career and how the consultancy could start thinking about how to help people in my position. I appreciated the customer-first orientation they were adopting, refreshing in…
Not so basic but definitely essential.
We keep talking about new shiny, and increasingly fragile, controls that will prevent attacks or fiendishly clever algorithms or AI to which we can outsource all that hard or fast thinking we’re not good at but we are all still staring down the barrels of a loaded data breach gun waiting…
Cyber Resilience: Part Six Recommended Reading
Here are the sources used when developing the thinking behind this blog series: