Channel: ICTTF International Cyber Threat Task Force: GRC Governance Risk & Compliance Blogs
Browsing latest articles
Browse All 41 View Live

Board Level Cyber Considerations

As a follow through to the Poll “Do Directors Understand Cyber Threats” I will offer a series of GRC level considerations over the next few days. Contributions welcome!! Board Concern: Do we have an...




INFORMATION SENSITIVITY POLICY

The primary objective of the Information Sensitivity Policy is to provide guidelines for the data classification issues of information collected and processed by information systems activities of an...


HOW TO STRENGTHEN RISK MANAGEMENT

HOW TO STRENGTHEN RISK MANAGEMENT John Kyriazoglou* Effective risk management requires both hard and soft controls. Hard controls are formal policies and procedures and how well or not they are designed...


BUSINESS BOOK

Pre-Announcement: Business Management Controls Book   Please see following link for reviewing (and purchasing at a cheaper price) my new book on business controls....


Free Business Controls Material

Free Business Management Toolkit-Demo   Please note that a free downloadable Business Management Controls Toolkit demo is now available for immediate download. It contains around 10% of the full...



Do Boards of Directors really understand Cyber Threat

Given that Boards of Directors are primarily focused on strategic risks e.g. market, competition, labor costs, regulation etc. what can they be expected to know about Cyber Threats? Do they know the...


What Questions should Board Directors ask/consider?

In response to my earlier Blog “Do Boards of Directors Understand Cyber Threats” I have posted (look in Documents) a presentation which I gave to the Financial Services Club. The topic is Cyber...


The 15 cents problem: The dollars and cents of good InfoSec

The 15 cents problem: Approved: 15 cents of Information Security will successfully protect only 1 Billion USD in sensitive data processing. Not Approved: 1 Billion USD of Information Security will...



Government Organisations Governing (Asking Question/Interrogati

I received many interesting comments and one interesting query arising from my Blog (Do Board Directors really Understand Cyber Threats). The query relates to the dilemma for people in Government...



Where Was Lehman’s Board? An analogy for Boards of Directors an

Further to my Blog “Do Boards of Directors Understand Cyber Threats” I thought that members would benefit from this Wall Street Journal report (Sep 15 2008). Nine of them were retired. Four of them...


Cyber Governance in Government Organisations

I received a thoughtful and detailed comment from a member (P) in the US who described compliance controls etc which apply in his State. I believe that he should blog his comments and hope that he...


Breaking the News & Keeping the Trust

The exact point or stage at which an event becomes a crisis for an organisation will vary.  I’d like to get your views, contrary or otherwise, on three key questions, (or accusations, if you are on the...


New Poll: Do Boards of Directors Understanding of Cyber Threats

Before I launch this Poll I think it only appropriate that I should ask contributors to the blog (Do Boards of Directors Understanding of Cyber Threats?) for their suggestions as to the range of...



The Case for Endpoint Operations and Endpoint Security Converge

Ask any IT administrator where their greatest security risk lies and they will tell you it’s at the endpoint. The endpoint has expanded well beyond a desktop to include mobile devices, which allow...


Do Boards of Directors really understand Cyber Threat

As a follow through to the Poll “Do Directors Understand Cyber Threats” I have offered a view of typical corporate concerns and assurance. Whereas Board Concerns can be summarised as: Do we have...



Lessons to be learned by CTOs from the mistakes of CROs!!

John Kay is one of the top 3 Financial Times columnists. He has written a super concise summary on how and why complex models caused the collapse of the global financial system. Are there lessons to be...


CORPORATE CONTROLS IN THE DIGITAL ERA

Why are corporate controls needed in the present Digital Era John KYRIAZOGLOU, M.S., B.A (Hon.), Management Consultant Author of ‘IT STRATEGIC & OPERATIONAL CONTROLS’ (www.itgovernance.co.uk), And...



CORPORATE COMPLIANCE AUDIT PROGRAMS AND CHECKLISTS

This document (please see my documents) contains a set of audit programs and checklists that are designed to be used by managers, auditors and compliance staff in the process of establishing,...


Seven rules for building and managing an effective team buildin

Seven rules for building and managing an effective team building. By John Kyriazoglou*. The following seven ‘rules’ may be customized and used by any manager in setting up and managing an effective...


10 security problems that tend to be overlooked.

MY WORD - Many would agree that the 10 security problems listed here are all too common and have been as such for a very long time. That may be so but keep in mind that this will not change....


ICS-CERT report, a worrying increase of cyber attacks

The need to protect critical infrastructures from cyber attacks has long been debated; cyber threats could hit foreign countries, causing loss of human lives identically to a conventional attack. Don’t...



Defeat Cyber Threats with Corporate Governance

In a recent interview, I was asked what steps the board of an organisation can take in order to deal with cyber related threats.   There are many actions that can be taken. I believe corporate...



20 Cyber Controls For The Financial Regulator

20 Cyber Controls For The Financial Regulator  Paul C Dwyer Chief Executive Officer at Cyber Risk International “Cyber risk is a matter for the board and senior management, not only for the IT...


We live in two worlds

We Live in Two Worlds  When approaching a topic such as cyber security, it’s important to realise that effectively we live in two worlds. We live in the real physical world where we have no option but...
