Pen Test ‘ology’ and Bang for Buck

I had to deliver a presentation recently, so thought I would pop together my thoughts here. It was about ensuring that any investment in penetration testing my wisely spent. If we want the business to use pen-testing. We need to know what it is, they wish to test. For instance: What’s Vulnerable (our information assets)… Continue reading Pen Test ‘ology’ and Bang for Buck

The Information Trilogy

Perhaps this isn’t how things work.. Though in my head. Information falls into one of three camps: Information Governance Information Management Information Assurance. My definitions are as follows: Information Governance. All about having controls in place to ensure that risks are managed. Where risks can’t be managed (for whatever reason) having the framework in place to… Continue reading The Information Trilogy