CTO Blog
Information security has often viewed itself as ‘different’ to other areas of IT, to other areas of security, and to other parts of society. Through wearing these 'blinkers', we run the risk of missing out on significant opportunities to learn and to innovate. This blog seeks to provide and provoke new ideas and innovation in information security strategy, governance, and the overall structure of the industry. As Bob Metcalfe famously said, "invention is a flower, innovation is a weed."
27 Sep, 2010
1000 Application Tests - What Have We Learned?
When aggregating 1000 application tests, covering applications developed with dozens of technologies, by thousands of developers, and probably billions of dollars of IT investment, what have we learned? Part 1 of a few.
1 Jun, 2010
Government Take Over of Critical Infrastructure IT Security Management
IT Security Black Swan No.1... a nationalization of the IT infrastructure – or at least the IT security management of that infrastructure – in a range of industries. Likely? Possible?
31 May, 2010
Black and White Swans, A Glimpse at the Future
In the 16th Century, all swans were believed to be white, until the first identified black swan immediately invalidated that belief. In information security we similarly have a range of beliefs and assumptions within which we operate. Which of these will be turned upside down by a future Black Swan Event?