[Reading time: 24 seconds]

I am fortunate to be in the south of Spain this Easter.

Easter week (‘Semana Santa’) is a big event for the locals. However, I’ve noticed that Easter eggs are not a ‘thing’ here*.

By comparison, many of the supermarkets in Ireland seem to be held up by never-ending walls of Easter egg boxes.

What has this got to do with cybersecurity?

What we regard as [normal] may not actually be as normal as we think.

How your organisation deals with cyber security risk may not be [normal].

It may just be [the ways things are done around here].

It’s important to check that [the way things are done around here] is not also [the way cyber criminals like things to be done].

To figure out [how things should be done around here], I recommend you use frameworks (e.g. Cyber Essentials, CIS Controls, NIST CSF) and regulatory guidance (e.g. DORA) as your guide.

And if you need help, I can also be your guide.


* This has been an issue for one person here, but the wide availability of Fanta Limon and Haribo jellies has helped to ease the pain.