The IMO & the Upcoming Cybersecurity Deadline

On 12/12/2020

The International Maritime Organisation and Cybersecurity The International Maritime Organisation and Cybersecurity – the IMO is a dedicated agency of the United Nations charged with regulating aspects of safety, security and the prevention of atmospheric pollution caused by international shipping operations. The organisation met for the first time in 1959, and has developed regulations for […]

What’s in a Good Security Risk Assessment?

On 04/07/2019

If you’ve ever undertaken a security risk assessment (SRA) yourself, you may have wondered whether it was as comprehensive as it could be and if could it withstand serious scrutiny. Part of the notion of completing a diligent risk assessment is to first understand where the rest of the industry is at, so that we […]

Risk Management Frameworks

On 27/06/2019

This is a generic (i.e. not security risk-specific) article and is included for its close links to security risk governance. Section 4 of ISO31000 opens with the simple statement that “The success of risk management will depend on the effectiveness of the management framework providing the foundations and arrangements that will embed it throughout the organization […]

10 things to like about the “Universal Security Management System Standard” out of the Netherlands

On 11/07/2018

We love security standards – they give us a baseline and enable us to consciously diverge from defined industry practice where it suits us. This morning we became aware of a security standard that looks like it will make for very interesting reading. It seems that the Netherlands are leading the way in enterprise security […]