Posts tagged with: Linus Secure

How much should you spend on Information Security?

I was recently part of an AISA Discussion Panel on investing in Information Security. It was an interesting session, bringing together a range of perspectives on how to answer a...

It’s NOT about the Threats

As always, last week’s AISA Conference was a unique opportunity to liaise with some of the great minds of Information Security, identify innovations in the field, and gauge how the...

Fighting the wrong Information Security fire

One of the key reasons why Information Security is often poorly aligned with the business is the ‘siege’ mentality trap that Information Security practitioners have a propensity to fall into....

Defusing the Security Bomb – Part 2

In Part 1, I took a business perspective on the challenges involved in trying to achieve a balanced security approach and the pitfalls of poor alignment between IT and the...

Defusing the Security Bomb – Part 1

I often come across Business Managers who are nervous about their Information Security exposures, yet completely reliant on their IT or Security departments to ‘fix the problem’. With any IT...

Are standards worth the paper they are printed on? – Part 2

In Part 1 of this blog, I argued that relying solely on Standards as your blue-print for information security will leave you exposed, as they only offer generalised considerations, are...

Are Standards worth the paper they are printed on – Part 1

There are several Information Security Standards in the marketplace that are designed to assist information technology security (ITS) practitioners in protecting their organisation’s information and systems. I argue, and have...

Where do I start?

Last year I stumbled upon a concerning reality for many IS professionals. For many of the people I spoke to, the responsibility for Information Security had been unceremoniously dumped on...

The Goldilocks Result

We all know security is important, but simply throwing money at your information security (IS) investment is a costly and unreliable method of reducing your exposure to risk. So how...

Just Fix It: The Dilemma of an Information Security Professional

Businesses are becoming increasingly aware of the importance of Information Security. However, when a security problem does arise, the Information Technology and Security (ITS) team are often instructed to “just...