Tag Archives | program

(c) Depositfiles / 	katacarix

Entering the era of pervasive security

I often open a keynote presentation by noting that organizations are undergoing a fundamental shift in security strategy – moving from compliance focused, to a risk based approach. That’s still ongoing, even for large and sophisticated organizations there is still a gravity towards ‘doing it for the audit’, rather than ‘doing it because there’s risk’. […]

Continue Reading
(c) Dreamstime / Mosich.com

How much should you spend on security?

I regularly get asked by new CISOs for information – benchmarks – on how much organizations like theirs should spend on security. That’s a deceptively simple question, and while there’s plenty of surveys that you can reference, none of them provide more than a rough starting point – there’s just too many variables.

Continue Reading