Are your cybersecurity defences in a hopeful, comfortable or provable state?

By |2020-05-20T11:40:36+00:00May 10th, 2020|Categories: approach, cybersecurity, mindset, risk|Tags: |

Cybersecurity is a technical topic. If technology is not your primary area of expertise, it can be difficult to assess how your firm's current security measures stack up. My Tri-State Assessment Matrix can help, as it avoids the techie speak and focuses on your gut feeling about three areas - technical defences; human defences; regulatory alignment. How these areas are currently positioned gives a strong indication about how IT security is being managed in your firm.

The 12 steps that regulated firms are taking to go from unsure to secure

By |2020-06-08T13:55:57+00:00February 28th, 2020|Categories: approach, change, cybersecurity, strategy|Tags: , |

When IT is your responsibility but not your primary area of expertise, it can be difficult to figure out how to gain the IT capabilities that you want while ensuring you have the IT security that you need. My roadmap, containing 12 steps across 4 phases that I call the W4 Methodology, can help you work through the process in a pragmatic and sane way.

Playing golf with a shovel

By |2019-09-06T08:42:40+00:00September 2nd, 2019|Categories: approach, cybersecurity, it service provider, risk|

Running a professional organisation using technology that is designed for the home is like playing golf with a shovel. From a distance, it all looks fine. But you don't need to get too close to realise things aren't going to go well when there's real competition on the course, or if the weather changes.