Is Digital Security a market for lemons?

Although information security has a long history, it wasn’t really top of mind for senior management, the Board or other employees until the late 2010s. “Security professional” became a real job, and market demand has grown ever since. Awareness of security risks increased significantly. The driving forces for this were major security breaches such as Snowden, NotPetya and WannaCry shocking the world, but also regulators demanding companies to protect their critical

The silent enemy in cybersecurity

The importance of good security is usually only understood through hard lessons. Only after a disaster do people realise that it would have been wiser to think ahead and invest in security. Time and again, naive people expose themselves to major risks, only to acknowledge afterwards that much damage could have been prevented by basic security measures. In current practice, security improvements are mainly focused on implementing new

Which of these 4 CISO archetypes do you deserve?

Why is it that CISOs have such a low retention in firms and leave after 1-2 years? Is this because recruiters and HR professionals find it hard to discover what is actually needed and “copy paste” function profiles with the exact same requirements, rather than looking at the real need in the organization: M&A strategy, family business, scale-up phase, consolidation, preparing for sales of the company, cultural differences etc.? The

The ethics & economics of cyber risk

With regard to privacy, regulators are licensed to impose fines on underperformers. Shouldn’t that also be the case with cyber risk in general? Somehow the ethics and economics of cyber risk follow a different path. The regulatory imperative that acts as an incentive for improvement in many sectors seems to be non-existent when it comes to cyber risk. One might say that we need more incentives for maturing analysis of

Breaking the perverse model

Too many people still think cyber risks are not real. “It won’t happen, because it has never happened before.” Therein lies the biggest challenge. The employees of a company pose a challenge for cyber-risk professionals. Time and again they turn out to be the weakest link in the chain. Charlatans also appear on the market. Security is a growth market where a lot of money can be

Digital risks to business, what do they cost?

Analyzing Business Information Security for a data breach use case

In a digital business world that is highly distributed via an eco-system, ensuring your digital assurance becomes vital. Everything needs to work continuously, and Confidentiality, Integrity and Auditability have to be assured, especially when your business is regulated and should demonstrate that it is “in control”. Nevertheless, how do we do that when business models are under fire by hackers? Hackers