Is hacktivism an acceptable choice?
Palmer on Cyber — Matt Palmer
by Matt Palmer
2M ago
This week I attended CSO Online's CSO Security Summit in London, which was tracked into protection and culture tracks. One of the most interesting aspects of this was the focus on mental heath. As any incident responder (professional or accidental!) will know, these can be very stressful. We ignore these issues at our peril. However the takeaway for me was an observation I made during Lisa Forte's panel: a lot of the discussion and debate around responding to hacktivism focusses on the symptoms (malicious cyber activity) rather than that cause (why young people think this is the way to use an ..read more
Visit website
CSO30 award: thank you
Palmer on Cyber — Matt Palmer
by Matt Palmer
2M ago
Thank you to CSOonline for the CSO30 cyber security award this week. It's much appreciated and a pleasure to be in such good company with so many capable and passionate people. Cybersecurity is still an incredible field where no two roles, or people, are the same. ___ Matt Palmer is an award winning cyber security leader. He currently runs the national cyber defence function for a small island state. He can be found on linkedin or on bluesky ..read more
Visit website
Introducing Incidentally: Why We Must Embrace Risk and Learn From Incidents
Palmer on Cyber — Matt Palmer
by Matt Palmer
5M ago
Progress demands risk, and incidents are inevitable. Based on 25 years of personal experience, Incidentally will explore the role of risk in driving success, particularly in cybersecurity, and how we can manage and learn from an incident or cyber crisis ..read more
Visit website
Breaking Down Cybersecurity: The Real Meaning Behind the Jargon
Palmer on Cyber — Matt Palmer
by Matt Palmer
10M ago
Cyber security is often conflated with the term confidentiality, but that is not correct. Traditionally, professionals tend to define it as being about confidentiality, integrity and availability (known as the CIA triad), but that's not quite right either. So what is it? In the process of advising on our new cyber security legislation, I've had to stop and reflect on what cyber security really is, and how we can explain it in simple but clear terms: Putting to one side the semantic discussions about terminology that professionals often love to have, and focussing instead on what cyber securit ..read more
Visit website
Why is Jersey introducing a new Cyber Security Law?
Palmer on Cyber — Matt Palmer
by Matt Palmer
11M ago
Launch of Jersey Cyber Security Centre In 2021 I took a new role as Director of Jersey's newly formed cyber response unit. We've come a long way from an initial concept as CERT to a full operational capability as Jersey Cyber Security Centre. And I suppose that's a good place to start. But it's just not going to work unless we change it up. Why is Jersey different? In recent year organisations have adopted new technologies and systems faster than ever before. That's even more the case in an innovative digital island such as Jersey - and in doing so, they’ve opened up new opportunities that ha ..read more
Visit website
10 steps to effective board leadership on cyber security
Palmer on Cyber — Matt Palmer
by Matt Palmer
1y ago
How Boards can clear the path for effective cyber risk management. You don’t have to be an expert to ask the right questions. In just a few years, cyber has transformed from the nerd in the corner into the Kim Kardashian of risk. Everyone, it seems, has an opinion on the issue. That’s because it’s serious — businesses can be built on, and destroyed by, cyber risk. The World Economic Forum’s Global Risks Report has consistently ranked cyber attacks among the top seven risks facing the planet in terms of likelihood and impact, while high-profile CEOs including Warren Buffett of Berkshire Hath ..read more
Visit website
When Cyber Security Board Reports Fall Short
Palmer on Cyber — Matt Palmer
by Matt Palmer
1y ago
Telling the board about cyber security problems and plans can help a company be ready for and deal with cyber attacks. Reporting cyber security to the board involves a delicate balance. Cyber security technical details need to be turned into strategic plans that match the organization's risk tolerance and business goals. Cyber security board reports take time and effort to get right - but what can go wrong? Is your cyber security reporting hard for board members to understand? The simple truth is that most cyber security board reporting fails due to a consistent set of issues. Using too much ..read more
Visit website
Does moving to the cloud mean compromising on security?
Palmer on Cyber — Matt Palmer
by Matt Palmer
1y ago
Will moving to the cloud improve cyber security, or are cloud services an unnecessary cyber risk? The transition to cloud computing is an evolution that many organisations are still undertaking to improve efficiency, scalability, and flexibility in their operations. Cloud services offer recognised advantages, such as moving IT infrastructure costs to operating expenditure rather than capital expenditure, enhanced governance, and better collaboration, however they also introduce specific security considerations that need to be addressed to protect systems and data from compromise, and to maint ..read more
Visit website
How to get fast board buy-in for your cyber security project
Palmer on Cyber — Matt Palmer
by Matt Palmer
1y ago
To experts, the business case for cyber security change programmes can seem clear as day — it can be hard to understand why rational business leaders may say no to investment. Yet they do. Here’s how to get a yes. Winning board support for cyber security projects is a critical challenge for security leaders and Chief Information Security Officers. Recently I was asked by a CISO (let’s call him Robert) why his Risk Committee pitch was not being heard. This was not an issue of slide content: the topic was important and the case for change was clear, but the committee simply did not seem engaged ..read more
Visit website
Lessons from the MGM cyber attack
Palmer on Cyber — Matt Palmer
by Matt Palmer
1y ago
On September 12, 2023, MGM Resorts International experienced a cyber attack that resulted in them shutting down their systems. The investigation is ongoing, but crime groups Scattered Spider and APLHV are believed to have used social engineering to hack into the company. What do we know now? And what can companies do to avoid being the victim of such scenarios? The MGM system shut down MGM tweeted September 12 about a “cybersecurity issue affecting some of the company’s systems.” They had to shut them down to protect customer data and their entire infrastructure. However, the issue persi ..read more
Visit website

Follow Palmer on Cyber — Matt Palmer on FeedSpot

Continue with Google
Continue with Apple
OR