CI Cyber Security

The blog is intended to help those aspiring to get into Information Security (InfoSec) / Cyber Security as well as to support those already in the role to learn and develop your own security programmes. The focus is on supporting continuous improvement - making things better progressively.

▼

Friday, April 15, 2022

People Centric Security – reframing your perception

Making people a strong asset in the management of risk During my time working in information security, it's not been unusual to hea...

Tuesday, December 28, 2021

Choosing a pen test provider

This article introduces the basics of pen testing and provides pointers on how to choose a suitable supplier to perform your testing. Whi...

Thursday, September 16, 2021

Information Security - management reporting

As with any department within a sizeable organisation you need to produce reporting to communicate information to the board and senior ma...

Sunday, July 18, 2021

Cyber Security - professional training options

Throughout my time working in Cyber Security, I have attended a variety of different security training courses that have helped me to succ...

Thursday, July 1, 2021

How to identify people related phishing vulnerabilities

Phishing is a significant threat to organisations and remains a common vector that threat actors used to compromise organisations. Whilst...

Sunday, May 23, 2021

Creating a good security culture

This article introduces the concept of a security culture and provides guidance on how you can positively influence and evolve the cultur...

Tuesday, April 6, 2021

Keeping track of application security flaws

This article provides a granular view into how to track and visualise application security flaws. It builds upon a previous article that pr...

Sunday, March 21, 2021

Delivering a behaviour focussed security training programme

Companies often start out delivering a security training program to meet compliance requirements driven by standards and regulation. This h...

Sunday, January 31, 2021

The fundamentals of Information Security

Information Security is a specialised risk management function that supports the business to understand and manage security related risk....

Tuesday, October 27, 2020

Keeping track of your applications' security posture

There are so many different indicators that you can use to track the security posture of your applications. The challenge is to determine...

View web version

About Me

cicybersec: I have been working in Information Security since 2013. Prior to that I spent 10+ years’ working in IT, holding roles in both infrastructure and development. Much of my experience has been gained in medium to large sized organisations predominantly in financial services. I am currently the Global Head of Information Security Governance in a role I’ve held since 2019.

View my complete profile

Powered by Blogger.