Almost every company I’ve worked for so far has had an overwhelming focus on technology when it comes to information security. A recent discussion on this subject had me thinking - and I did learn some things.  I’ve seen many board papers which, in their “security improvement plan” simply list a host of security toys... Continue Reading →

Other suitable titles I came up with: How to get more out of your MSSP than 90% of everyone elseQuestions you need to ask your MSSP if you actually care about improving security postureHow to win at MSSP'ing Gob-smacking attention-grabbing questions to make you realise you’re in the right place: What if the MSSP you... Continue Reading →