Insight

Towards Clearer Governance for OT Security
It is not rare for OT Security to end up in some form of organisational no-man’s-land This interesting interview with Andy Norton puts things in perspective around IT and OT Security (“The top 5 cybersecurity threats to OT security” – IT Security Guru – 11 November...

Helping Charities Do Data Governance
As you probably know I help organisations understand and manage their data better. Typically people turn to me because their data is a mess and they need help unravelling it or because they realise they are pouring cash into new initiatives that are failing because of...

The Six Principles for Successful Data Governance
There are six principles that underpin all successful data governance initiatives. These are principles that I have developed over many years of experience of successfully (and sometimes not so successfully in the early days) implementing data governances in dozens of...

Cyber Security: The Constant Confusion Between Tool and Process
There are real issues in the security operations space but buying more tools won’t help This 2021 survey from TrendMicro (“Security Operations on the Backfoot: How poor tooling is taking its toll on security analysts” – October 2021) paints a slightly frightening...

Do I need Data Governance before Artificial Intelligence?
Companies across all sectors are getting excited about using artificial intelligence and machine learning and, let's face it, who could blame them? They're definitely exciting technologies and the rewards promised include things like big revenue boosts and competitive...
Cyber Security can be a Pillar of any Corporate Post-Pandemic Agenda
But are the CISOs ready for it? A comment left on one of my articles made me think: How can cyber security leaders drive a long-term transformative agenda, with a business and a board that cannot see beyond the short-term? I see several angles worth discussing around...

The Rocky Horror Data Show: Did you get what you asked for?
Data shouldn’t be a wild and untamed thing, but sometimes it is just that - wild… and untamed. And unfortunately for our friend Tim, he’s about to find out just how wild and untamed data can be. As this is ‘The Rocky Data Horror Show’… where the data is not what it...

Can I use our existing IT Incident Management Process for Data Quality issues?
Getting to the root of a data quality issue I’ve recently been going over with a client the pros and cons of utilising their IT incident management process to handle data quality issues. IT incident management involves the creation of a log to help record and manage...

The Problem with Cyber Security ROI
CISOs being asked those questions should look beyond the topic itself and face the underlying issues it might be hiding. If the reporting line of the CISO is the oldest ongoing topic of discussion amongst cyber security communities, security ROI is probably the second...

Why does my company need Data Governance?
If you plan to implement data governance in your organisation, it’s really important to understand why you are doing it. This can often be a long and thankless process, and some might argue it’s not for the faint hearted, so understanding ‘why’ is crucial in order to...