Every major crisis faced today is like an oncoming avalanche - but started as a pebble-sized risk overlooked. How pebble risks grow exponentially over time and how to effectively assess/preempt/mitigate are keys for effective operational resilience.
In both design and function, the A-10 is the ugliest aerial beauty to behold. Practical considerations manifest in the planning, it offers examples we can apply to our organisations' operational resilience/ continuity of business/ cyber security design and implementation. When failure is a given rather than an option, look no further.
We call on one another's accountability, often recognising the courage required to stand up for right despite challenges. Assuming a stakeholder or leader faces these alone miscasts notions of organisational dynamics and isolation. In some regards we are alone - understand it defies the definition of leadership.
Boards need to know how to prepare organisations for dealing with cyber crime by asking questions in "peace-time" which may help during a cyber incident - aka "war-time".
The distortions created by cyber incidents and the challenge of handling cyber incidents are amplified with the introduction of liability. However, the imposition of death - an irreversible and undesirable impact - shows we need to sort it.
Looking at the distinctions between Cyber Threat Intelligence (CTI) and cyber risk - both with similar elements with supportive properties, but often misunderstood. Offering definition to aid practitioners, auditors, regulators and boards.
Challenges to the blending of Cyber/Fraud/AML spaces in financial services gives cybercrime more room to maneuver. Criminals find monetisation advantages in victim organisational separations, with innovative solutions based on careful observation and rapid growth in operational maturity. This post uncovers difficulties financial services encounter in cybercrime-monetisation.
Issues - regardless of scale - often acquire similar responses when the systems are complex. This post looks at components of complex system issue response and reasoning behind it.
Some things are bent to suit. Some are broken in process. Some things just have to burn. The following are considerations for metaphorical implications.
At opposite ends of the intelligence spectrum, need-to-know (limited audiences) and need-to-share (expansive audiences) vie for dominance. Here we define these practices, associated concerns, and circumstances where one approach is likely preferable.