Category Archives: Management theory

Thinking creatively about information assets in retail and hospitality
December 5, 2014

In my last blog Improving the Position of the CISO, I introduced the new research...

Improving the position of the CISO
November 22, 2014

Over the years, we security professionals have tried all sorts of things to make better...

From Information Security to Digital Competitiveness
November 5, 2014

Exploring new strategic opportunities for CIOs and CISOs. For as long as we’ve had a...

Revisiting software professionalism
August 12, 2014

The ongoing debate (or spat) on Twitter about the “No Estimates” movement had me reaching...

A software engineer’s memoir (work in progress)
March 9, 2012

I’m an ex software “engineer” [I have reservations about that term] with some life experience...

The end of standards
February 23, 2012

A colleague drew my attention to what he called “yet another management standard”. Which got...

Policy fads and policy failures
January 29, 2011

In cyber security, user awareness, education and training have long gone past their Use By...

There is no algorithm for good management
December 21, 2010

There is a malaise in security. One problem is that as a “profession”, we’ve tried...