Posts

Black Swans and other things

Back swans and other things. For transparency I’m not an academic. What I enjoy doing is reading academic works, it does not matter what field, with the objective of attempting to answer questions I have related to information and cyber security.
Two [of many] questions [the context throughout this blog are businesses, organisations, and information and cyber security]. Why, in the many cases that have been documented, do Chief Information Security Officers [CISO] get shown the door following a major breach of a company network? Whilst CISOs are highlighted, others having a similar role but not called CISOs, are also covered under this question.Why, given the current situation of COVID-19, were many businesses unprepared?
The unauthorised attempts at infiltrating a company network, are not outliers [thus not a Black Swan], they happen daily, it is the norm.

The evidence, even though prejudiced in itself, is there for all to see. I say that the evidence is prejudiced simply because no…

Info and Cybersecurity tips - working from home

Image
Working from home - hints and tips Pretty sure you will have seen so many hints lately about working from home, using laptops and so forth. 
First, if you have not heard of KanSecurity Ltd - it is based in Carlisle, Cumbria, and in fact has been for a good number of years. As a company it provides, advice; guidance; help; training, on all matters related to information and cybersecurity.  Nigel, the owner, is a veteran [25 years] and has been working in the world of information and cybersecurity for over 30 years. So, work is mainly with larger organisations and businesses BUT, KanSecurity Ltd is here to help micro, small and medium businesses in any way it can. 
Lets face it information and cybersecurity is complex, and not always fully understood by your IT Service Provider. KanSecurity works with your IT Service Provider, not against them. So whilst they will do a brilliant job of sorting out IT - is that IT Security, Computer Security, Information Security or Cybersecurity? There&…

Rise of the Checklist

Image
Rise of the checklist


With thanks to the coronavirus, there has been a rise in checklists; what you should or shouldn’t do and so forth.
Well here is another one, but this time with a twist.
Let’s suggest for the moment that there is no business continuity plan [BCP] in place, or if there is a plan [created to satisfy a client] but quite frankly isn’t worth the paper upon which it was printed, then: What did the IT team have to put in place, at a rush and without testing [probably] to enable staff to work from home?Make a listWhat did the HR team have to put in place, at a rush and without testing [probably] to enable staff to work from home?Make a listWhat did the payroll team have to put in place at a rush to ensure that staff can continue to be paid?Make a listWhat did team leaders have to put in place, at a rush, to ensure that staff working from home are supported; do not feel isolated; do not become stressed?Make a listWhat did the business have to put in place, at a rush, to en…

A laptop called information

Image
Information asset – a laptop too far
An asset is most often defined as being something of value [to the business]; a resource that has economic value.
In accounting terms, ‘of economic value [to the business]’ means, a resource that has the ability to generate financial benefit [or loss]. 
An information asset could be defined as being a body of knowledge [information], a resource that has economic value, [benefit, or loss to the business]; where a body of knowledge is the collection of information gathered together in one or more places.
For example: an information asset [a body of knowledge] that is intellectual property [IP] could be said to have financial benefit; it is has economic beneficial value to the rightful owner. However, if other parties gain unlawful access to the IP for their financial benefit, this could impact upon the lawful owner’s rights. How important then is that IP to its rightful owner? 
To put it another way; if the lawful owner of the IP does not put mechan…