Articles

Restricted Intelligence Blog Series

I’ve known the good folk at Restricted Intelligence for a while now, I was in their offices recently as they had invited me in to provide a consultants perspective around information security awareness programmes. During the visit they asked if I would write a blog series with some tips on how to increase the chances of running […]

Conferences

SANS European Security Awareness Summit

Last week, I had the privilege of presenting along Denise Beardon (Head of Information Security Engagement at Pinsent Masons) at the SANS European Security Awareness Summit. Towards the end of 2017 Christian Toon (CISO at Pinsent Masons) asked if I could come onboard as an interim consultant to kick-start their information security engagement stream of work whilst he was […]

Conferences

The Security Culture Conference 2016

A couple of weeks ago I was back in beautiful Oslo (One of my favourite cities – I could definitely live there!) for the Security Culture Conference. Last year we had around 25 people for the inaugural conference which was held on an island just outside the city – see my write up on that here. This […]

Conferences

SteelCon 2015

Last week I presented my “Popping the Bubble” talk at Steel Con – The North’s Premier Hacker Con – https://www.steelcon.info/ – I think it went down quite well and there was some spirited discussion after the talk. Robin (@digininja) and the crew put on a great conference at an amazing price of only £20 – The goodie […]

Conferences

The Security Culture Conference 2015

So the Security Culture conference happened! On an Island…no really…it was on an island…look… The journey there took about twenty minutes on a ferry and a small boat to get to the island called Lille Herbern. The venue was actually a restaurant – the only one on the island. The day began with Roar Thon’s […]

Books

Build a Security Culture (Fundamentals)

My good friend Kai Roer has written an easy to digest book on security culture. Anyone who has been in security for a while will know of Kai and his work on security awareness and culture. He was very kind give me a mention in the book, cheers Kai! It’s a short and accessible book and you […]

Articles

Tools Don’t Change Behaviour People Do

What makes an information security awareness programme effective? As in most cases the answer is “it depends”. Let me elaborate; if your goal is simply to obtain that magic compliance tick then maybe you’ll use some form of computer based training (CBT) coupled with some quizzes and possibly a few videos on your intranet page […]

Back To Top