Publication: Economic valuation for information security investment: a systematic literature review

Looks like Information Systems Frontiers – A Journal of Research and Innovation published one of my papers. This one is taking a systematic look at literature related to measuring value of Information Security in organisations. Research on technological aspects of information security risk is a well-established area and familiar territory for most information security professionals. The same […]

Publication: The Impact Of Repeated Data Breach Events On Organisations’ Market Value

Information and Computer Security has published one of my research papers on the impact of repeated data breaches on the market value of organisations. Purpose – This study aims to examine the influence of one or more information security breaches on an organisation’s stock market value as a way to benchmark the wider economic impact […]

Are you ready to respond to a security breach?

As i’m listening to the ‘Ponemon Study: True Cost of a Data Breach‘ webcast on BrightTalk i’m being reminded of the prevalence of data breaches and the fact that many organisations are still not prepared for it. As I’ve already written on this topic for Computer Weekly i’ll just refer back to that article copied below […]

Parsing scholarly references in plain text

Recently i had the need to convert scholarly references in a plain text document to references that can be managed in my reference manager. Naturally i hoped that my trusted EndNote X7 would assist me with this cumbersome task but i soon found out that this is not the case. After some minutes looking through […]

Thoughts on Managed Security Services Provider Engagement

I briefly mentioned before that i wrote an article on MSSP engagements and possible ways to approach such engagements. The ISSA Journal folks were kind enough to take a look at it and decided to publish the article in their November 2014 edition. As not everyone is an ISSA member with access to the Journal […]