The conflict of interest when your security expert works for your IT service provider.
If you think using the cloud means someone else is managing your cyber security, you need to get your head out of the clouds.
Cyber 3-2-1: What do a supply chain attack, a malvertising campaign, and an existential crisis look like?
Cyber 3-2-1: How attackers make a hit; IT service providers and consultants are top of the wrong charts, and the latest hit from CISA’s.
The difference between being legally right and morally right.
Cyber 3-2-1: Why do you rob IT providers / SaaS services / legal firms? Because that’s where the data / money / reputations are.
When it matters, you would never ask a student to correct their own homework. Same story for cyber security.
Just because you outsource IT does not mean you don’t have IT risk.
Is the person with the keys to your Microsoft 365 kingdom actually using the locks?
One email could be the best thing that ever happened to the security of your Microsoft 365 environment.