“We Take Your Security Seriously” exclaims every single company after a data breach. No. No you don’t. Not even a bit. If you took our security seriously you would have implemented a governance structure that prioritised the importance of our information; a set of procedures that ensure a repeatable, reliable and effective way…
A common challenge within the information security industry, especially in non-technical areas, such as implementing an Information Security Management System (ISMS) for example, is to agree on what information security means to an organisation and what the correct approach is to achieve better information security practice. Information security as an academic topic, is not yet…
One of the worst states of mind an executive can have is the notion that their company is secure, because they are compliant with “you name it” regulation. HIPAA runs healthcare. PCI runs payments. Remaining compliant with each allows you to do business, it does not prevent your business from becoming a target, or allowing…