• Hey! My name is Diane, and this is my very first blog post on Strategic Security by Diane. In this post I would like to introduce why I have created this space, and what I would like to share through it. My posts will include opinion pieces about information security; risk management; and leading infosec professionals....

  • Information security programmes are built on assessing risks and understanding what changes are required to make the unacceptable, acceptable. Information security objectives are reached through successful changes that usually overarch whole organisations or whole business units. In a time where the only constant in organisations,......

  • In my previous post, I introduced the term information security at its very basics. I went over, What is information security What is information Why do we need to protect it   In this article I wanted to discuss the different ways to protect your......

  • As an information security professional, I started off my career thinking infosec was all about technical controls – networking; infrastructure; application development. With time, I realised that information security is actually more about the what technical controls you choose to implement and the how you go about doing......

  • As security professionals, we often talk about taking a layered approach to security when describing the controls we implement to protect information. We understand the need to not have a single point of failure when implementing protection. If a system is processing critical information, we......

  • When I started writing up this blog, I sub-consciously had a certain audience in mind. The first few articles have required a level of understanding of information security, a shared knowledge of key terms and topics on the subject. Someone pointed this out to me,......

Hi! I'm Diane!

Follow this page, for updates on infosec, strategy and organisational change management. My blogs will involve opinion pieces on how I believe infosec risk should be seen as a business risk, and infosec teams treated as a partner to the business.