Research and viewpoints
Perspectives
Original thinking on cybersecurity strategy, governance, and risk. Written by practitioners for the leaders who make security decisions.
Latest viewpoints
Strategy
Why most security assessments fail before they start
The problem is not what assessors find. It is what they agree not to look at before they begin. Scope decisions made in the first meeting determine everything that follows.
Governance
What your board actually needs from a security briefing
Most security briefings tell boards what happened. Boards need to understand what is at risk, what it costs to reduce it, and what decision is being asked of them.
Advisory
The vendor-independence test: six questions to ask any security advisor
Before you act on any security recommendation, you need to understand whether the advisor giving it has a commercial stake in your decision. Here is how to find out.
Whitepapers
In-depth research on security governance and risk
Extended research on specific practice areas — regulatory frameworks, board governance models, program design, and incident readiness. Written at practitioner depth for security leaders and their teams.
Glossary
Plain-language definitions for security leaders
Security terminology explained without the vendor framing. Written for leaders who need to understand what their teams are talking about and evaluate what they are being sold.
Have a question our perspectives do not answer?
Our practice spans strategy, risk, compliance, program design, incident readiness, and capability building. If your security question sits at the intersection of any of these, start a conversation.
|DataNudge 