What do
you
think this is?

Steps in no-man's land

• 3 minutes to read
• Tuesday, 8th of May 2018
• • business
  • leadership
  • management
  • security

Some major breaches have seen the light of day lately, and everybody agrees that they will keep coming. I don't believe you will find any security professional respecting himself to tell you that this will stop. The reasons are many, but the most important one is the (lack of) security design. Systems, processes and services have been moving to production without security design for years. And unfortunately in many cases they still do.

In our (security) profession it is becoming common to jump on each other's throat; and the result is the public blaming of the CISO involved - like leaving them alone to take some hard steps in the middle of no man's land.

Read more ...

Building up a SOC - the candidate challenge

• 2 minutes to read
• Saturday, 10th of February 2018
• • business
  • leadership
  • management
  • interviews
  • multinational management
  • globalisation

Building a Security Operations Center from scratch is not an easy thing. But since it's not the first time I'm doing it, I am familiar with the challenges. These challenges include the building of the processes in a company-adjusted manner, the selection of the toolset and integrations to match the company's enterprise architecture, network architecture and of course my own security architecture, but nowadays, and due to the significant skill shortage in cybersecurity the major challenge is finding the right people.

Read more ...

Invite me to an event

• 1 minute to read
• Wednesday, 1st of March 2017
• • conferences
  • leadership
  • security
  • presentations

I have been speaking in events since 2009, and I was delivering undergraduate and postgraduate classes in Computer Science, Network Application programming and Security from 2001 to 2006.

Most of my presentations are posted in this blog, although I may have forgotten / lost some.

If you want me to talk in your event about security and risk management, feel free to send me a mail. My contact details are here.

The message won't be visible but I will get back to you as soon as possible.

Please add location, dates and contact details.

Read more ...

Me elsewhere

• 1 minute to read
• Tuesday, 28th of February 2017
• • leadership
  • security

Sometimes I give interviews, or publish case studies or write articles elsewhere.

Here is what I can remember, in reverse chronological order

• In 2023, my article on Third Party Risk Management The Security Blind Spot No One Wants to Discuss was published at ISACA Industry News
• In 2023 I recorded a podcast for NDK Cyber Secure Insights
• In 2020 I participated in Info-Tech''s strategy research on "The first 100 days as CISO"
• In 2018 my opinion on why CISOs not heard by the boards is a bad idea was published on Infosecurity magazine
• In 2018 Kevin Williams and I had a brief interaction which resulted in my opinions on biometrics to be considered
• In 2018 I wrote an article for SpeakUp at Work about the expectation of privacy
• In 2010 the usage of PandoraFMS (open source monitoring solution) in G4S was worth a case study here
• Between 1998 and 2001 I was the editor-in-chief, responsible for the Question and Answers section of the Greek online Magazine and wrote several articles about Linux. They are all in Greek :
  • March 2001 Linux Intrusion Detection System
  • October 2000 Setting up Linux From Scratch part 2
  • October 2000 Setting up Linux From Scratch part 1
  • September 2000 Bash tutorial
  • July 2000 Interview with Eric S. Raymond on OpenSource
  • June 2000 Perl DBI tutorial part 2
  • April 2000 Perl DBI tutorial part 1
  • October 1999 Setting up RAID
  • August 1999 August SGML editor review
  • May 1999 KDevelop review
  • March 1999: SySV boot process
  • July 1998: XISP setup for Greek ISPs
  • June 1998: Tutorial for XISP
  • April 1998: Second part of StarOffice presentation
  • March 1998: First part of StarOffice 4.0 presentation - what later became OpenOffice.org and LibreOffice
  • February 1998: Market situation
  • February 1998: SMB configuration

Read more ...

Diligence: the new cybergame

• 4 minutes to read
• Wednesday, 5th of October 2016
• • business
  • leadership
  • management
  • security
  • privacy
  • risk management

Significant changes are coming to the cyber security and data privacy landscape. I would consider these to be potentially game changers as they may alter the way organizations address their security posture and preparations.

Read more ...