You Don’t Need a GRC Platform to Get ISO 27001 Certified
Every man and his dog has a GRC tool these days. But the platform won't do ISO 27001 for you…
Blog
The Essential 8 isn’t 8 controls. And it isn’t really a framework. Here’s what it actually is.
The Australian Signals Directorate's Essential 8 is one of the most widely-referenced cyber security frameworks in the country. It's also…
The prompt is not the problem
We are in danger of building a society full of architects with nobody left to pour the concrete. A leader…
GRC Software Is Powerful. It Still Needs a Pilot
For COOs and CFOs, frameworks such as ISO 27001, SOC 2, NIST CSF, the Essential Eight and CPS 234 are…
Road to 2K – (re)Starting My RowERG Journey
I purchased a Concept2 RowERG around about 2020, and it had small amounts of use here and there, before being…
Building Trust through Transparency: How Managed Security Services Providers Can Enhance Visibility and Assurance
In the wake of high-profile breaches like the Medibank incident of 2022, trust in managed security services providers (MSSPs) has…
Are you reporting your poor cyber-security posture to the board? 🏢
Are you reporting your poor cyber-security posture to the board? 🏢Why not?As a director or c-suite exec, you are obligated…
Why would I want to be a CISO in this environment?!?
⚠️ Cybersecurity friends and fellow CISOs ⚠️The SolarWinds news has been a wake-up call for many of us. It's prompted…
Are enterprise architects the new platform team leaders?
Really interesting view point; building platforms and services (platform engineering) is being recognised in the same sentence as enterprise architecture.…
#LinkedInMusings: Why I canned my accountant – Stick to Your Promises
In this current environment, you need to stick to your promises. I just ditched my accountant of 3 years. Last…