I often think that “risk management” is a misnomer. You don’t actually manage risk. For all of the claims made by the statisticians, there’s pretty much a polar element to any risk of attack, cyber or otherwise. Either you’ll get attacked or you won’t; I calculate that at 50/50. Mitigate that with the amount of […]

Security in a business is about technology by all means, but it’s also about management. Lots of companies risk non-compliance in spite of having all their IT up to date, firewalled and ring-fenced, because they have failed to communicate a few concepts to their personnel. Take the High Street retailer whose technical compliance and social […]