I’ve known the good folk at Restricted Intelligence for a while now, I was in their offices recently as they had invited me in to provide a consultants perspective around information security awareness programmes. During the visit they asked if I would write a blog series with some tips on how to increase the chances of running […]
IISP Talking Head Piece – Security Culture
Over the last few years the discussion around security culture has come to the fore and having worked in and around this area for a while I welcome it; particularly when, one of the simplest ways to reduce risk to organisations is to have a security conscious workforce. However, it is not as simple as […]
Tools Don’t Change Behaviour People Do
What makes an information security awareness programme effective? As in most cases the answer is “it depends”. Let me elaborate; if your goal is simply to obtain that magic compliance tick then maybe you’ll use some form of computer based training (CBT) coupled with some quizzes and possibly a few videos on your intranet page […]
Information Security Buzz Article
My first article for InformationSecurityBuzz was published in February. I’m planning my next one and will try and get one out every month, hopefully, maybe 😉 Entitled – From Rookie Speaker To Mentor To Track Organiser – My BSides Journey. Check it out here
Popping the Bubble
Are you living in a bubble? Now you’re thinking “Bubble? You what…” Let me explain. My experience is that a lot of the time we security types – yes, you and me – don’t actually know what the rest of the departments within the business actually do on a day-to-day basis. We know they exist […]