BLUES

CyberSecurity Leadership Summit logo

CyberSecurity Leadership Summit 2021

I will be speaking at this year’s KuppingerCole Cyber Security Leadership Summit, 9-11 November 2021 in Berlin. It is a great privilege and pleasure to be invited to participate in such a high calibre event. I have two items on the agenda:

From Burden to Benefit – How aligning on business purpose and objectives is critical to maximise the value of Security

In this presentation I will focus on how to position Security as a Business enabler, and how to align and cooperate with those corporate functions that are driving the Digital Transformation. This talk will draw strongly on research in the field of Organisational Leadership and how to apply it to the context of CyberSecurity and the Digital Transformation.

Wednesday, November 10, 2021 12:00 – 12:20

Between Sugarcoating and Scaremongering – How to Position Your Governance & Risk Management Programme

Panel Discission, together with Victoria van Roosmalen, CISO and DPO at Coosto, moderated by Warwick Ashford. We will be diving into whether it is better to down- or up-play the risks addressed and uncovered by a Governance & Risk Management Programme, and how to decide which approach to take. Further participants to be announced.

Wednesday, November 10, 2021 12:40 – 13:00

This will be the first in-person event for me in nearly two years, and I am really looking forward to it! The whole conference will be offered as a hybrid event, both for participation on-site in Berlin, and online for those that can’t make it.

Please do come and join us for this excellent event, either in person in Berlin, or online. For more details, visit the event website at https://www.kuppingercole.com/events/csls2021

Threat Modeling Manifesto

As described in the BLUES overview, creating a threat model is one of the first steps in ensuring security is aligned with business goals is to ask the four basic questions:

  1. What are we working on?
  2. What can go wrong?
  3. What are we going to do about it?
  4. Did we do a good enough job?

Some of the most influential thought leaders in the field of Threat Modelling have now published the Threat Modelling Manifesto. A great source that outlines the basis on which Threat Modelling in Cyber Security is founded. Well worth a read.

Documents the values, principles and key characteristics as an industry guidance for conducting threat modeling.

Source: Threat Modeling Manifesto