Robin Oldham is the founder of Cydea, and previously led BAE Systems’ Security Advisory & Technical Services business, which was recognised by Forrester as one of the leading information security consultancies.
Robin helps businesses defend themselves from cyber crime and thrive in the digital world, and has over fifteen years’ experience, including advising numerous boards on how to manage crises resulting from cyber-attack.
Security Watercooler: Cyber Risk Universe, with CISO Mentor's Phil Huggins
This week we are trialling an idea around a virtual ‘Security Watercooler’. 25~30 min video calls to break up the day and showcase different viewpoints. Check out more about the concept here. Today Robin Oldham was joined by CISO Mentor’s Phil Huggins to discuss the cyber risk universe. Here are the summary notes from the call: Phil and Robin have been working on a project ‘Open Information Security Risk Universe’ that is available, in part and as a PDF, on GitHub here: https://github.
Join us at the Security Watercooler
This week we are trialling this idea: gather round the (virtual) Security Watercooler to share some knowledge, discuss ideas and chat with peers. Many of us are doing the right thing by staying at home to save lives, and that can lead to things becoming monotonous. The Security Watercooler is ~25 min video calls to break up the day and showcase different viewpoints. Each day of the week aligns to a different part of the NIST Cybersecurity Framework.
Now is the time to secure those new remote working tools
The novel coronavirus COVID-19 has led to many countries around the world mandating that citizens practice social distancing and stay at home. This has led to a huge surge in remote working. Organisations are rapidly adopting new technology solutions that allow users to access company resources and participate in remote meetings. We know lots of IT and security teams are rushed off their feet right now. So we pulled together a list of resources for popular remote working tools so folks can (go back and) get stuff secured plus keep on top of any future security updates.
We need your help to develop a better way to measure and manage cyber risk
At Cydea we believe risk management should be consistent in its approach, informed by the data you have, and automated where possible. It’s part of our belief in positive security. Annual risk assessment workshops and ‘five-by-five’ risk matrices are no longer good enough. They invite an unacceptably wide margin for error and do not keep pace with modern business. We think it is time to do something about that. And we would like your help!
Cydea has Cyber Essentials
It’s important to practice what you preach. That’s why we’re proud to announce that Cydea has achieved Cyber Essentials certification. Cyber Essentials is a UK government-backed scheme to protect organisations from the most common cyber-attacks. Even for a cyber security company, it wasn’t without its challenges though. Nailing the basics, consistently, is really hard. It can be more difficult at scale. Plus we are a modern company who, like many start-ups, don’t have any fixed infrastructure or premises.
Protect shareholder value using positive cyber governance
The board’s purpose is to successfully direct the company’s affairs and meet the needs of shareholders and stakeholders. We believe getting the following seven things right helps to establish effective cyber governance and are the foundation for a good security culture. Countless articles, white papers, and conference presentations opine that ‘cyber security is a board-level issue.’ That’s true. Company governance is the responsibility of its board of directors. The financial impact, regulatory penalty and reputational damage for those who don’t demonstrate good governance can be significant.