Looking at pros and cons of a centralized vs decentralized approach to cybersecurity teams, and how in the end there is no right answer. This is a cycle and we should focus on relationships rather than hierarchies.

As a specialist in cloud security due diligence and third-party security risk management, I present the hardest aspects of the discipline. Questionnaires and scanners have created a culture of "checkmarkism" that lead to fast results but low value advice.

How much money does a security breach cost? Looking at the IBM cost of a data breach report, I explore how information security cannot solely be a question of avoiding breaches.

Explaining what makes the ISO27001 standard relevant for information security professionals today. I tell the story of how I took part in an ISO27001 certification process. I share my expert opinion on how this framework can help an organization manage security in a cost-effective way.

Verizon's Data Breach Investigation Report (DBIR) is a must-read resource to gain insight into current cybersecurity breaches. The 2023 version is out, and I read the whole 90 pages of it so you don't have to!