Crisis at Scale

We already have moved to an understanding of crisis being part of our BAU, much like the tide it ebbs and flows with regularity. Constant crisis creates new tolerance thresholds whilst shifting perception away from incidents being of note or cause for alarm. No sirens are sounded, as the chorus would be indistinguishable.

On Task Force Bounds

Reading the recent report from the Ransomware Task Force reminds us of the advantages and limitations task forces offer. In any cresting malicious cyber trend, the tide go out when the monetary spends exceed gains. Bounds imposed on task forces create challenges for lasting change.

Separating Actors and Actions in CTI

Using traditional intelligence models in private sector often doesn't account for the difference in audience and scope of responses available. By separating the focus between actors and actions, CTI practitioners can focus on delivering actionable intel to decision-makers thus also building the case for cyber as a value generating component of the P&L.

Resetting VCAT

If we focus on how to get the best out of the team without focusing on the team, we look at process and results without looking at team dynamics. The difference between liking what you do logically, and loving what you do on a deeper emotional level is rooted in the team having good dynamics and feeling like they are part of a purposeful whole. Resetting VCAT is a way we build and re-build the team.

What is Intel?

Evaluations such as risk are partially built on external threat assessments, regarded as intelligence. Understanding what intel is, what it can do, and what it cannot is foundational to recognise the spectrum of offerings. The following synopsis of intel from a cyber perspective starts a whole new line of inquiry.

Cyber as part of P&L

Cyber is commonly seen by businesses as a cost center. Changes are afoot that suggest it is increasingly a revenue generator. There are great gains in client relationships to be made if organizations that are not vendors of these services think in a similar way about offering value from their cyber teams' work.