Good day,
The Need For Change
If you haven’t noticed, the technology environment is accompanied by an increasing cyber threat environment which is approaching pandemic proportions.
The Internet and our system architectures are under increasing threat, increasingly complex, and open to damage and extortion. Damage from events in the past few years have exceeded billions in dollars for both cyberattacks and data breaches, many of them regarded as Black Swan events (also labelled as Failure of Imagination).
As we have with climate change, we need to change our practices and strategies to cope with this changed environment. This website is my contribution to helping understand the changes we need to make in our businesses and in our IT architectures and business processes so organisations can continue to develop and operate in a sustainable (operationally) manner.
Is our current approach to IT and Business Design building a House of Cards?
“Why have so many large companies had major business disruptions because of IT and security issues?”
That was the question I asked of my colleagues over dinner one night at a favourite bistro (pub).
Over the last three years, there have been large failures caused by cyberattacks at Maersk, Merck, Hydro, Toll, JSB Meats, Colonial Pipeline, to name just a few (see lessons from Life for more information on each of these cyberattacks).
Surely these large companies have enough expertise. It isn’t like IT has just arrived or that cyber attackers are new? I am sure they also have great risk managers and IT teams as well.
Is our current approach to IT and business design building a house of cards? The answer to that question in terms of the above mentioned, large companies and the resultant business disruption and associated costs would have to be yes!
Do these failures have anything in common? Not a lot of detail is known about each of them but what we can deduce is they all have a large attack surface. The attack surface is the degree to which the organisations IT systems and infrastructure is available for attackers for exfiltrating information, for monitoring an organisations business or to enable extortion through ransomware, amongst other crimes.
The size of the attack surface is the reason the above-mentioned companies have suffered greatly.
Why are the cyber attack surfaces so large?
That is an interesting question and the reasons are many which I will expand upon over the next few months.
Can we reduce the attack surface and limit the disruption to business and other associated risks?
The answer is yes, but for many firms it will require a different approach to that which is currently being employed and pushed by suppliers.
This will also be in discussion papers in following months.
These are heady times, so join me in this journey of making IT and business less risky and potentially less disruptive while increasing the value of organisations.
Discover on this website...
1 Newsletters
Newsletters will be published monthly on this site. They will be focused on covering important points from Discussion Papers, News about Cyber Events, Research and Statistics based on various reports available.
Each Newsletter will mention the topics that will be released in the coming weeks.
Get Your Free Newsletter
Sign up to get your free Newsletter about Cyber Security published monthly.
2 Lessons from Life
Lessons from Life are based Cyber Attacks, Ransomware and Cyber Security Incidents that have impacted known businesses and caused a large disruption. They will be focused on lessons we can learn from these incidents and our responses to them.
Each incident contain some valuable lessons with a commentary on what can be the preventive measures in similar circumstances.
3 Discussion Papers
Discussion Papers are intended to invite discussion from members based on various topics of interest around Cyber Security. They will help us broaden our education, understand complex concepts, and provoke a response.
Discussion papers start with Cyber Security and its various components and will cover other aspects of IT and business design.
4 Reports and Statistics
Reports and Statistics will be a discussion on publicly available reports and statistics on Cyber Security. They will be focused highlighting the difference from the media that is awash with such reports and assist in better understanding and interpretation as well as usage for businesses.
Each report and statistic may give us valuable insights in our own business to help us focus on the right things and avoid the wrong things when it comes to Cyber Security.
Scam Statistics from 2021
$323M
Amount Lost
286K
Number of Reports
8.9%
Reports with Financial Losses
House of Cards
Are our current approach to IT and business design building a house of cards? Looking at the recent cyber attacks on large companies and the resultant business disruption and associated costs, the answer would have to be YES!
Greg Porter Advisory is good for
Board Directors and CEOs
The major intent of this membership is to equip board directors and CEOs with the relevant current and emergent issues, the questions to ask the organisation, some guidance on solutions as well as education through examples and discussions, with peers and other subject matter experts. Read more of the benefits when you sign up for a trial.
C-Suite Executives and Risk Managers
The major intent of this membership is to equip C-Suite Executives and Risk Managers with the relevant current and emergent issues, the questions to ask the organisation and themselves, some guidance on solutions as well as education through examples and discussions, with peers and other subject matter experts. They will also have access to the role of the Board and their concerns and responsibilities from ASIC and Apra etc. Read more of the benefits when you sign up for a trial.
Professionals
Professionals can understand the current issues of IT and business in a larger context and appreciate the issues board directors need to consider and respond to especially to ASIC and other regulatory bodies.
Small Business
Small business has an entirely different set of issues to confront two larger organisations who have access to a much larger set of resources. However, there are a number of things that small businesses can do to survive in an ever changing environment. Over time, I set off principles and practice that will be developed for this site. In the meantime, membership will enable you to understand the issues at large in the current IT and business environment.
Services Available
What a paid subscriber receives?
News – monthly newsletter on current newsworthy events, cyber security breaches, data breaches, topical article (eg Failure of Imagination, need for change in approach to IT strategy, risk management and business process)
Discussion papers (such as “the future of the Internet”, “Scenario planning”) and associated blog that you can contribute to and learn from.
Analysis of Cyber events, IT incidents, data breaches good practice and what we might learn from them.
Ability to ask your peers questions for opinions in a public environment or to myself for a private response.
Trends in technology and associated business management (e.g. quantum computing)
Resources available from Government and Public sources
Our Pricing Plan
TRIAL
FREE
The FREE Trial is available for 30 days. You will be able to see most of the newsletters, article, posts and content with this membership.
Monthly
$
9.99
You will get access to all the membership newsletters, articles, posts and content with this membership.
yearly
$
99.99
You will get access to all the membership newsletters, articles, posts and content with this membership.
Note: All prices are inclusive of GST as applicable depending on your billing country. No Payment Information is stored on our website. This website does not store any of your payment details like credit or debit card number or your bank account details.
Trial 100% FREE for 30-Days - Cancel Anytime
SATISFACTION
100%
guarantee
If, for any reason, you don't like this membership, you can allow the FREE trial to expire 30 days after you register. If you have any questions, just send us an email and we'll help you out until you get the results you are looking for or cancel your membership. For paid membership either monthly or yearly you can cancel anytime - your membership will continue till the date you have already paid up. Once you cancel the membership you will not be charged for the next cycle.
Hi, I’m Greg Porter
My website is a commentary on current IT and business issues mainly focused on Board Directors and C-Suite executives. (in the future, it will also include specific content for small business owners and professionals such as accountants and lawyers etc). My commentary is based on experience in a variety of industries and organisational types gained in multiple decades both as a full time IT Director, CIO and consultant. My commentary will not always align with current practice but an alternative view of IT and business, but with the same objective of optimising value and reducing risk.
My objective is to assist you to more fully understand current issues and responses, and subsequently make improved decisions and strategies. Advice is available by way of access to a variety of newsletters, Discussion papers, a blog on current issues, cyber security advice (including questions and answers that need to be asked), lessons learnt from good and bad practice, regulatory requirements from Government and other authorities. Other services include workshops, assessments and ongoing advisory services. Hopefully, there will be discussions and dialogue between members and contributors.
I encourage you to subscribe and join my colleagues and myself on the journey to better governance, strategies, value and risk mitigation.
Cheers, Greg
The Founder and Principal of Greg Porter Advisory