This is an Accepted Manuscript of the article published by Taylor & Francis in EDPACS , Volume 57 Issue 6, available online: https://doi.org/10.1080/07366981.2018.1476312 Abstract Metaphorizing is the principal means with which to conduct our thinking. … Continue reading Weakest link, or… – extended version
I was asked to participate in a Q&A session late last year, focusing on what the new year holds for us. It was the season for this type of activity, along with goal settings and … Continue reading Extended Q&A
Introduction An information security policy is a fundamental element of protecting information assets. It would not be an exaggeration to say that an effective information security framework starts and finishes with a well-defined and well … Continue reading On policy/standard development
This is an Accepted Manuscript of the article published by Taylor & Francis in EDPACS , Volume 57 Issue 4, available online: https://doi.org/10.1080/07366981.2018.1444009. I am often asked what information security framework I use. Well, … Continue reading On frameworks – how to build one?
This is an Accepted Manuscript of the article published by Taylor & Francis in EDPACS , Volume 57 Issue 2, available online: https://doi.org/10.1080/07366981.2018.1426929. Abstract GDPR is not an easy read, so most … Continue reading GDPR – A Y2K-II for business?
I listed a number of cognitive biases and errors in a previous, related post. Anchoring, cognitive tunnelling, cognitive closure and reactive thinking were mentioned. As promised, I am providing further exposition on these cognitive biases … Continue reading On thinking – Urgent or important
Thank you all for your responses to the questions I posed in the context of tertiary education in the little essay on education. I learnt a great deal from your responses. Here I’d like to … Continue reading On education – Part 2
My wife has been hospitalised recently. The bottom of sodium and potassium levels in her blood has fallen out. She had to be put on life support and at one stage permanent brain damage and … Continue reading On thinking – observations from a hospital bed side
“Information Security is only as strong as the weakest link in the chain” The above statement seems to be popular. It appears time to time in blogs, on company websites, in research, in white papers, … Continue reading Weakest link, or… – short version
“…I think that the minute that you have a backup plan, you’ve admitted that you’re not going to succeed…” The above quote was making its rounds on LinkedIn for a while. People “liked” it. Many … Continue reading Backup plan – planning for success
“What is education for?” This is a question I sometimes ask in conversations about university courses. The response is usually a bewildered look, even on the face of some high ranking academics. After a few … Continue reading On education – Part 1
I was approached by a number of people recently, asking my opinion on frameworks. TOGAF, SABSA, COBIT 5, CMMI, and the list go on. Their roles include CISO, security engineer, consultant and so on. A … Continue reading On frameworks – how to choose one?