No Trust; Always verify. How to keep your business safe in a scary world.

Good security is grounded in good risk management

Why Cyber risk isn’t really Cyber at all.

What’s appropriate for your business?

New startups and small businesses

Established Startups, Scale-ups and SMEs

Larger Organisations, or high compliance industries

The types of risks you’ll face

The inability to trade or transact

Physical failure of infrastructure

Malicious destruction of systems or data

Distributed Denial of Service (DDoS)


Key staff are unavailable to perform essential tasks

Brand & Reputation

Website vandalism

Social Media

Data Breach

A massive leak of customer data

Data Leakage

External services with insecure passwords (Shadow IT)

Ex-employees with access to systems

Social Engineering / Phishing

How to stay secure — a playbook for technical leaders in small businesses.

Information Security risk should be based on sound enterprise risk management (ERM)

Playbook — Managing Your Partners and Suppliers

Establishing your controls

Before engaging a supplier

During a supplier relationship

Outsourcing in Regulated Industries

Outsourcing in ISO 27001

Playbook — Managing risk in the cloud

The takeaway

Technologist, lean evangelist, chaos monkey and Chief Technology Prevention Officer. Loves good coffee, hanging around on ropes and driving about in cars

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store