Beware of the ‘Pet Rock’ Cybersecurity Vendors

In April 1975, Gary Dahl had an idea. A genius idea as it turned out, particularly when you consider that he made roughly $28 million dollars (adjusted for inflation) from something that was, to all intents and purposes, completely useless.

The Pet Rock was just that, a rock. No paint, no googly eyes, nothing, just a rock taken from Rosarito Beach, packaged up and sold for $20 each.

He sold 1.5 million of them.

Continue reading

Froud on Fraud – Cybersecurity Predictions for 2020

In 2016 I predicted that:

  1. Identity Management will begin to replace single-factor authentication;
  2. Identity Management will be decentralised onto consumer mobile devices;
  3. HOW you pay will become increasingly irrelevant;
  4. Value-Add Services and Customer Service will be the only differentiator;
  5. Loyalty Programs will begin to centralis;

Even 3 years later only 1 of these things is becoming [slightly] true (#1).

In 2017 I predicted that:

Continue reading

Which GRC Tool Do I Recommend for GDPR Compliance?

None.

That’s right, none. Not until you’ve done a LOT of homework first. Even then, the most you’ll get from me are the right questions to ask to move forward, and [eventually] help with your vendor due diligence.

Besides, true security consultants should never ‘recommend‘ a specific technology by name, let alone by vendor. Our job is to provide you options based on a detailed breakdown of the security control function gaps that require filling, which in turn were determined from the results of an appropriate risk management life cycle. i.e. [simplified]:

Continue reading
Data Discovery

Which Data Discovery Solution is Right for Your Business

Anyone who reads my blogs knows that I’m not highly technical. In fact, I have warned organisations against buying technology [for technology’s sake] more than I have ever recommended it. And I will continue to do so until everyone is following the pre-purchase golden rules:

Continue reading
Skills Gap

Cybersecurity Skills Gap? You’re Clearly Looking in the Wrong Place

Like every other independent security consultant out there, I have to ask; “Cybersecurity skills gap? What the Hell are you talking about?”

I’m not even going to quote the plethora of doomsday statistics, but suffice to say the majority of organisations and Governments believe the cybersecurity skills gap is actually a real thing and getting worse. They have no idea that the experts to solve most security issues are out there with dumbfounded expressions thinking; “I’m sitting RIGHT here?!”

Continue reading