DORA; SEAR; IAF. Lots of acronyms. But the only one that matters is IRS.
The conflict of interest when your security expert works for your IT service provider.
When it comes to executive security behaviours, it’s a case of “Do as I say, not as I do”
You aren't rewarded for reading about cyber security.
The difference between being legally right and morally right.
Cyber 3-2-1: Why do you rob IT providers / SaaS services / legal firms? Because that’s where the data / money / reputations are.
When it matters, you would never ask a student to correct their own homework. Same story for cyber security.
Just because you outsource IT does not mean you don’t have IT risk.
Is the person with the keys to your Microsoft 365 kingdom actually using the locks?
Microsoft 365 is more than just email. It’s your Roman Empire.