I was asked to participate in a Q&A session late last year, focusing on what the new year holds for us. It was the season for this type of activity, along with goal settings and … (860) 609-4263


Introduction An information security policy is a fundamental element of protecting information assets. It would not be an exaggeration to say that an effective information security framework starts and finishes with a well-defined and well … Continue reading On policy/standard development


This is an Accepted Manuscript of the article published by Taylor & Francis in EDPACS , Volume 57 Issue 2, available online: /doi.org/10.1080/07366981.2018.1426929.       Abstract GDPR is not an easy read, so most … 306-923-6862


My wife has been hospitalised recently. The bottom of sodium and potassium levels in her blood has fallen out. She had to be put on life support and at one stage permanent brain damage and … 415-652-0370


“Information Security is only as strong as the weakest link in the chain” The above statement seems to be popular. It appears time to time in blogs, on company websites, in research, in white papers, … 254-918-8253

(708) 329-4291

“…I think that the minute that you have a backup plan, you’ve admitted that you’re not going to succeed…” The above quote was making its rounds on LinkedIn for a while. People “liked” it. Many … (822) 939-1811

On frameworks – how to choose one?

I was approached by a number of people recently, asking my opinion on frameworks. TOGAF, SABSA, COBIT 5, CMMI, and the list go on. Their roles include CISO, security engineer, consultant and so on. A … 2704105080