We should congratulate and support colleagues around the world who have conceived, organised and promoted creative events for October's cybersecurity awareness month. Seriously, well done all of you. Thank you for your energy and efforts. Thank you for caring. Thank you for doing your bits. Thank you for taking time out of whatever else you were doing, perhaps even allocating some of your budget towards this. I am being 100% genuine here: this is not a sarcastic piece. I am truly grateful.

The Institute of Directors has just released their Code of Conduct for Directors , promoting six principles: Leading by example. Integrity. Transparency. Accountability. Fairness. Responsible business. So far, so good ... although somehow I feel there's something missing. But what?

In a previous philosophical phriday post , I moaned about vendors of security compliance support/management tools and services over-promising and under-delivering - an admittedly biased, even cynical opinion piece about the compliance imperative . A recent article in Corporate Compliance Insights notes that "CISOs are not just defenders against cyber threats but also champions of compliance and operational resilience". Hmmm, are CISOs 'compliance champs', really? Today, I'm discussing alternatives to being compliance-driven. How else can organisations drive their information risk, security and related concerns in a positive direction?

  Today I asked Google's Gemini to rewrite yesterday's blog piece " in the style of a naive student of IT" : "Hey guys, so I was thinking about this weird thing that happens online. People get really mad about stuff, like really mad. They all start yelling at each other and saying the same things over and over again. It's like a big echo chamber, and it gets out of control. For example, there was this time people were freaking out about 5G towers. They thought it was going to hurt people, but scientists said it was totally safe. But the people who were mad kept saying it was bad, and they got other people to believe them too. It was crazy! When people get really mad like that, it's hard to talk to them. They don't want to listen to anything else, and they just keep shouting. It's like a big fight, and it can make things worse. So, what can we do about this? Well, one thing is to just wait for people to calm down. Sometimes, if we let them vent f

For kicks, I prompted Google's Gemini AI robot to rewrite yesterday's blog piece "in the style of a professor or university lecturer".  This is wot it rote me: A fundamental challenge in contemporary society is the phenomenon of outrage , wherein groups of individuals exhibit disproportionate emotional responses to perceived threats or injustices. This often manifests in the form of echo chambers on social media, where like-minded individuals amplify and reinforce each other's concerns. Such amplification can rapidly escalate emotions to unreasonable levels, hindering rational discourse and critical thinking. Consider, for example, the contentious issue of 5G cell tower placement near schools. Outraged individuals may perceive this as a grave threat to public health, accusing authorities, scientists, and industry leaders of callousness and disregard for their concerns. The perceived risk is often amplified through groupthink, leading to a sense of collective out

For decades, I have appreciated  Peter Sandman 's approach to outrage - the social phenomenon in which groups of people react strongly to some perceived threat, issue, concern or whatever, drawing-in other like-minded individuals via social media. The echo chamber (positive feedback loop) can rapidly escalate emotions to an unreasonable degree with a lack of reasoned, critical thinking - according to those allegedly responsible for the issue anyway.    In the case of, say, the placing of 5G cell towers in/near schools, the outraged can become furious that the risk (as they see it) is being 'callously ignored' by the equipment suppliers, site developers, authorities and scientists, and enraged that they are 'not being taken seriously'. From their perspective,  thanks to group think (social endorsement),  the  perceived   risks are portrayed and understood to be deadly serious .  Leaders within the outraged community gain notoriety, influence and personal power from