Beware of the ‘Pet Rock’ Cybersecurity Vendors

In April 1975, Gary Dahl had an idea. A genius idea as it turned out, particularly when you consider that he made roughly $28 million dollars (adjusted for inflation) from something that was, to all intents and purposes, completely useless.

The Pet Rock was just that, a rock. No paint, no googly eyes, nothing, just a rock taken from Rosarito Beach, packaged up and sold for $20 each.

He sold 1.5 million of them.

Continue reading

Froud on Fraud – Cybersecurity Predictions for 2020

In 2016 I predicted that:

  1. Identity Management will begin to replace single-factor authentication;
  2. Identity Management will be decentralised onto consumer mobile devices;
  3. HOW you pay will become increasingly irrelevant;
  4. Value-Add Services and Customer Service will be the only differentiator;
  5. Loyalty Programs will begin to centralis;

Even 3 years later only 1 of these things is becoming [slightly] true (#1).

In 2017 I predicted that:

Continue reading

Which GRC Tool Do I Recommend for GDPR Compliance?

None.

That’s right, none. Not until you’ve done a LOT of homework first. Even then, the most you’ll get from me are the right questions to ask to move forward, and [eventually] help with your vendor due diligence.

Besides, true security consultants should never ‘recommend‘ a specific technology by name, let alone by vendor. Our job is to provide you options based on a detailed breakdown of the security control function gaps that require filling, which in turn were determined from the results of an appropriate risk management life cycle. i.e. [simplified]:

Continue reading
Data Discovery

Which Data Discovery Solution is Right for Your Business

Anyone who reads my blogs knows that I’m not highly technical. In fact, I have warned organisations against buying technology [for technology’s sake] more than I have ever recommended it. And I will continue to do so until everyone is following the pre-purchase golden rules:

Continue reading