What do you think this is?

just thoughts of a restless mind...

To cyber-insure or not?

To cyber-insure or not?

Professional liability insurance has been around for long. It is not a surprise that Cyber Insurance is becoming a trend lately, considering the constantly raising number of security breaches. The post in one sentence: Cyber insurance is a good thing but be careful what you wish for.

Read more ...

Tagged in : risk management, business

Steps in no-man’s land

Steps in no-man’s land

Some major breaches have seen the light of day lately, and everybody agrees that they will keep coming. I don’t believe you will find any security professional respecting himself to tell you that this will stop. The reasons are many, but the most important one is the (lack of) security design. Systems, processes and services have been moving to production without security design for years. And unfortunately in many cases they still do.

In our (security) profession it is becoming common to jump on each other’s throat; and the result is the public blaming of the CISO involved - like leaving them alone to take some hard steps in the middle of no man’s land.

Read more ...

Tagged in : business, security, leadership

The expectation of privacy

The expectation of privacy

Everybody has something to say about the Facebook / Cambridge Analytica case. And I am annoyed by people saying that when you give your data to Facebook, you forego some parts of your privacy (true) so you should not be surprised (false). In simple terms, it was an actual data breach. Individuals who had not consented, had their data exposed. This was not supposed to happen. There are two aspects I would focus on regarding this issue:

Read more ...

Tagged in : privacy, business