Stefan Sokolowski

Biden’s Executive Order – A cloud migration to make the moon landing look simple

On the 22nd May 2021, President Joe Biden signed an executive order to improve the national cybersecurity posture. Section 2 of the Executive Order was all about sharing threat and incident data between government and service providers. Section 3 takes Government Agency IT by the scruff of the neck and looks to drag it into …


Biden’s Cyber Executive Order – One SIEM to rule them all?

I started off looking to write a summary of the Cyber Resilience Executive Order released on the 12th May 2021 by President Biden. Unfortunately, this is a much larger task than first envisaged. There is a huge amount of material condensed into a single document. The document is long and dense (but dense in the …


The Ransomware Taskforce – a 20th century solution to a 21st century problem?

The Institute for Security+Technology released a recommendations report on the 30th April 2021 with the help of a list of industry players, to try to stem the tsunami that is ransomware. The 81-page report says all the right kind of things, but the reader is left to wonder just how many Zoom meetings will be consumed in …


ISO 27001 versus NIST: the cyber wars

Companies often grapple with security frameworks as if it were a deeply theological question. Maybe you are a US multinational that has inherited NIST-based controls but your clients want a certification of compliance which the NIST 800-53 cannot provide. Maybe you are an organisation whose deeply technical experts reject broad-based controls in favour of …


ISO 27701 does not cover the GDPR out of the box

ISO 27701 has come along to add another management system into the ISO camp. With the creation of a Privacy Management System (PMS), the International Standards Organisation (ISO) is looking to provide a compliance framework for global privacy legislation and regulation. There is a significant cost in evidencing compliance to any regulation that most organisations …
