Perhaps you have been harbouring desires to build your own business for a few years. You have a unique idea that you believe will offer potential customers a fantastic new product or service. Maybe you have already made that leap and have been slowly building out an idea and treating your new business with the same amount of love and nurture you would with a child!

So what is the Critical National Infrastructure (CNI) in the UK. Its generally defined as a facility, service, information, network, process or people that daily life depends on and if unavailable would have a massive impact on society.

One of the main challenges with managing third party supply chain risks is that they can be difficult to identify and assess. This is due to the supply chain for organisations often being very complex, with many different players and moving parts.

As we move towards a world of lower carbon emissions Electric Vehicles (EV) are becoming ever more popular. As well as cutting carbon output they also have low running costs, low maintenance and some generous tax breaks (currently at least). In the rush towards all Electric has industry stopped to truly consider the cyber security risks this may create.

When you are a cyber security leader, when you are accountable for cyber security across your organisation, what keeps you awake at night? Is it the latest zero-day vulnerability, the fear of data loss due to poor user behaviours, perhaps its wondering if your latest product release is really as secure as you are being told?

For years and indeed to this day cyber security teachings and almost all certification exams pose the following question: What is the most important element to a successful cyber security function? Answer: Senior Management Support.

TEMPEST OR STORM IN A TEACUP?

The constellation of Orion the Hunter has long been pivotal in human mythology. In particular Orion’s Belt are three stars easily visible to the naked eye. More than one creation myth surrounds it.

Nobody doubts that ISO 27001 is a great blueprint for information security management and goes a long way towards codifying industry standards. But, as a set of specifications last updated in 2017, does it still really inform best practice?