Well, not quite, but it isn’t far from the truth. A few months ago I was approached by a security vendor to see if I would be willing to join them as a Security Advocate, a first of its kind position in their company. I was referred to them by my old chum and average …
Author Archives: Thom Langford
The New Etiquette of Webinars (insert post-Covid statement here)
Hands up if you have been to an in-person conference or summit since the middle of March this year. Yeah, me neither. And so we saw the rapid build-up of the online webinar, starting from the first tentative steps made by the BBC’s Have I Got News For You, through to LinkedIn Live, Zoom based …
When Auditors Attack!
Although I am not a formally qualified auditor, I have had a fair amount of experience of carrying out audits and risk assessments in my various roles towards becoming a CISO. I have also been able to present on the topic and have articulated many of the unique challenges faced by auditors and audits alike. …
All Fun & Games
Business Continuity Plans; probably the most important, yet undervalued and underfunded, part of your security team. This is the team that deals with what might happen to kill you tomorrow, versus what is actually killing us today. A justifiable investment is very hard to make, because they prove their worth when nothing happens; much like …
Too Much of a Good Thing
The one thing the current lockdown has taught me is that you really can eat too much chocolate… who knew? Left to my own devices and without the distraction of a routine, regular work and people observing my unhealthy eating habits, my faulty brain tells me that more chocolate can only be a good thing …
Strategic Defense
Most people who know me will understand when I say I am not technical in my field. Indeed, I have often spoken about how a CISO should not be technical; that doesn’t mean a CISO should not understand technology, but rather that is not the focus of the daily job. So what should a CISO …
Busy Doing Nothing?
When you are faced with managing third-party risks, it can feel like a Sisyphean task at best. Even a small organisation is going to have 20+ third parties and vendors to deal with, and by the nature of a small business, absolutely not a full-time person to carry them out. As an organisation grows, at …
Command, Control, and Conquer
Back in the ’90s, there was a game released called Command and Conquer, a strategic game whereby you had to manage resources, build, train and mobilise armies and conquer the neighbouring armies. It was a classic that spawned many spin-offs, sequels and addons for decades. What struck me about it though was how multi-skilled you …
The Runners and Riders of Lockdown
After over six weeks of some kind of lockdown here in the UK, and similar amounts of time elsewhere in the world, it has become very obvious to me that many companies out there are simply ill-equipped to deal with the change in lifestyle the lockdown demands. By ill-equipped, I don’t just mean from a …
Shameless Coronavirus Special Promotion – Risk Edition!
Many, many moons ago, my good friend and learned colleague Javvad Malik and I came up with a way to explain how a risk model works by using an analogy to a pub fight. I have used it in a presentation that has been given several times, and the analogy has really helped people understand …