News from the Council

More platforms equals less security

The introduction of new IT systems induces mixed emotions in security teams.

How to write a policy

At least change the things that actively put people off reading them.

Factual and accurate: how to get information to the Board

And why report static data on a monthly or quarterly basis?

Bring Your Own Device: a skills disaster even if it's secure

Mitigating security risks may not be overly complex, but there are other issues.

Information sharing

There's an insufficiently-used portal on which to share security experiences.

Cyber security: new skills for the dawn of the quantum era

Practitioners may soon need to understand what attackers can write, and how.

Outbound transferable skills

We should aim for and applaud the up-skilling of cyber security practitioners.

Can someone please do some basic security products?

What on earth is wrong with doing something simple?

Broken windows, and why we need to keep order

Maintaining the security “building” is challenging, needing skilled individuals.

Why there’s a place for creativity in security

Why? Because hackers are creative, too.

Should I recruit based on skills, or take a punt?

Our usual desire is to recruit someone who fits the job description.

Will I ever go to a physical conference again?

Is there still a place for venue-based events?