Breaking Down Cybersecurity: The Real Meaning Behind the Jargon
Cyber Security, National Cyber Security & Resilience, Cyber Security Management, Cyber Security Assurance Matt Palmer Cyber Security, National Cyber Security & Resilience, Cyber Security Management, Cyber Security Assurance Matt Palmer

Breaking Down Cybersecurity: The Real Meaning Behind the Jargon

What really is cyber security and why doesn't the traditional CIA triad of confidentiality, integrity, and availability work?

And what's that got to do with footballs anyway?

I've written this simple breakdown of the five key cyber security terms - confidentiality, integrity, availability, authenticity and non-repudiation - with examples of what they mean in practice, and real life incidents illustrating what happens when they go wrong!

Read More
Applying agile principles to public sector change
Projects and Change, National Cyber Security & Resilience Matt Palmer Projects and Change, National Cyber Security & Resilience Matt Palmer

Applying agile principles to public sector change

Shortly after 2001, I was one of many to sign the agile manifesto for software development. This document went on to start a global movement and change how technology change is done: from grandiose projects that often failed, to iterative change that often delivered.

But agile principles can be applied in other fields too, perhaps nowhere more so than where people are most impacted: public services.

Read More
Why is Jersey introducing a new Cyber Security Law?
Cyber Security, National Cyber Security & Resilience Matt Palmer Cyber Security, National Cyber Security & Resilience Matt Palmer

Why is Jersey introducing a new Cyber Security Law?

under our proposed new Cyber Security Law, Jersey Cyber Security Centre (JCSC) will have no power to fine or penalise bad behaviour. We will have no power to insist, unless through adoption of our recommendations by an existing business or regulator. No power to name and shame those who don't do their bit. No power to investigate, to force compliance, or to require others to act.

We will in fact have one power, and one power only: the power to share information in confidence, and to have information shared in confidence with us.

And we will have one ability: the ability to help.

Here#s how it will work.

Read More
10 steps to effective board leadership on cyber security
Boards & Governance, Cyber Security, Leadership, Non Executive Directors Matt Palmer Boards & Governance, Cyber Security, Leadership, Non Executive Directors Matt Palmer

10 steps to effective board leadership on cyber security

Boards and non executive directors can lead from the front on cyber security and reduce risk for your organisation. Yet sometimes it is not easy to find a path forward to engage in a technical area. Here are 10 practice suggestions to take forward with your cyber security leader.

Read More
When Cyber Security Board Reports Fall Short
Non Executive Directors, Boards & Governance, Cyber Security, Leadership Matt Palmer Non Executive Directors, Boards & Governance, Cyber Security, Leadership Matt Palmer

When Cyber Security Board Reports Fall Short

Reporting cyber security to the board involves a delicate balance. Cyber security technical details need to be turned into strategic plans that match the organization's risk tolerance and business goals. Here’s how it can go wrong, and what it takes to get it right.

Read More