How do you manage your #InfoSec #CyberSecurity #Privacy #Policy #Security news intake?

I’m in the process of reevaluating my news feeds. The method is much the same as evaluating Cyber Security threat intelligence feeds. Is it:

  • Timely?
  • Accurate?
  • Actionable?
  • Updated?
  • Adding value?

I categorize my information intake in several ways:

  • News
  • Analysis, Editorial & Opinion (most blogs, podcasts, and personal social media feeds)
  • Technical
  • Press releases

With all of this, I find myself overwhelmed with data. Much is redundant and not adding value. Some adds value but isn’t timely. Some opinion is fopped of as news. Branded content permeates.

What sources do you use? How to you consume them? How do you value them?

Recommendations for strengthening cyber security policies

The report provides the outlines of two tools, a suggested Review Process and proposed Development Framework to help boards, senior managers and information teams in organisations that would like to review their information security strategies and governance arrangements.

Since its launch in March this year, the DGSF actively engaged with civil servants, cyber specialists and technology providers to help guide the development of the Forum and to assist in quality assuring the work produced through the initiative. The report identifies four high priority areas, for government to address as it continues to make greater use of technology to meet austerity targets and improve the delivery of digital public services:

via Recommendations for strengthening cyber security policies.

You’ll have to click-through to read the recommendations, but any seasoned InfoSec professional can guess what they are.