When we plan for what can be achieved in any given year, we often over estimate what we can achieve and under estimate the resources needed to achieve it. This is true for most aspects of work and life (think unfinished home renovations and pilot projects that become production) and is certainly true for security.

‘There is no terror in the bang, only in the anticipation of it’. Alfred Hitchcock said that…. He knew a thing or two about evoking fear. Fear is often used to will people into taking action that they otherwise wouldn’t – for example fear-based messaging has been used for years (who knew that before Listerine, no one was worried about bad breath…no one). When it comes to fear-based messaging… security is no exception.

It’s been the Christmas season for a while if you believe the elevator music, the tinsel draped around store doorways and the brief pause in hot-cross bun sales.

It’s a time of year when projects are due to close, budgets are under pressure and there are more parties than you can poke a stick at. All these things, and probably more, have got data loss written all over them….

Securing your business can be overwhelming especially when starting from scratch. Once your organisation has identified a need to make information security part of the way you do business, how do you get started? Should you seek a deep-dive risk assessment? Should you consider a three-year strategic implementation of security controls? Should you hire a Head of Information Security?

Since 1980 (…a great year), as a country we have embraced the young Seagull Sid telling us to slip on a shirt, slop on some sunscreen and slap on a hat. In more recent years, the Cancer Council brought in the SunSmart Schools program (which quirkily added seek some shade and slide on your sunnies) requiring Australian SunSmart Schools to have a written sun protection policy to achieve accreditation. A fantastic initiative....