Notes (alphabetical)
Further reading: BeyondTrust - Wikipedia
Break Glass is a protocol used to grant emergency privileged access to critical systems or data when standard access methods are unavailable, insufficient, or when immediate access is required to address an urgent situation. A strong Break Glass procedure ensures that privileged activities are logged in a secure and auditable manner. Further reading: Using a Break Glass Process to Provide Security for Privileged Accounts (BeyondTrust); Break glass (AWS procedure)
Career: Staying ahead requires continuous skill development and a commitment to deepen your knowledge and broaden your understanding. Embrace lifelong learning to maintain your competitive edge.
Checkmarx is a US company that develops and sells application security software. Further reading: About Checkmarx (Corporate site); Checkmarx (Wikipedia). Related: Zed Attack Proxy (ZAP)
Chesterton’s fence is the principle that before removing a rule, law, policy or practice, one should first understand why it was implemented in the first place. The concept originates from G.K. Chesterton, an English author. It is often cited as a type of conservative or cautionary saying. The idea is to avoid unintended consequences that could arise from hasty or uninformed changes. Further reading: Chesterton’s fence - Wiktionary
The Clarifying Lawful Overseas Use of Data (CLOUD) Act is a US law that allows US law enforcement to access digital information stored outside of the US. Further reading: CLOUD Act (Wikipedia). Related: Schrems II
“the cloud is just someone else’s computer” (Graham Cluley). Example cloud providers: Microsoft Azure, Google Cloud, Amazon Web Services (AWS)
The Cloud Controls Matrix (CCM) is a cybersecurity control framework developed by the Cloud Security Alliance (CSA) that provides a comprehensive set of security and compliance controls for cloud computing environments. From the Cloud Security Alliance: The CCM, the only meta-framework of cloud-specific security controls, mapped to leading standards, best practices and regulations. CCM provides organizations with the needed structure, detail and clarity relating to information security tailored to cloud computing. CCM is currently considered a de-facto standard for cloud security assurance and compliance. ...
The Cloud Security Alliance (CSA) is a nonprofit organization that promotes best practices for securing cloud computing environments through research, education, and industry collaboration. Related: Cloud Controls Matrix (CCM)
COBIT is an IT controls and governance framework developed and maintained by ISACA. The current version is COBIT 2019. Further reading: COBIT - Wikipedia
Code review is a quality control process in software development where a second reviewer examines code changes to identify potential defects and to improve overall code quality. Further reading: Code Review Guide (OWASP) (PDF); Code review (Wikipedia); Security-Oriented Code Review (NIST)
Corporate governance addresses the fundamental problem of how to ensure that those who manage a company act in the best interests of its owners, known as the agency problem. It is the system of rules, practices, and processes designed to align the interests of management with those of shareholders and other stakeholders, promoting accountability, transparency, and responsible decision-making. Effective corporate governance is essential for building trust, attracting investment, and fostering long-term sustainable growth. ...
Further reading DP22/3: Operational resilience: critical third parties to the UK financial sector | FCA UK DP3/22 – Operational resilience: Critical third parties to the UK financial sector | Bank of England Critical Third Parties - a new regulatory perimeter | PwC UK blog UK regulators provide further details on framework for oversight of critical third parties (UK DORA) | Ashurst Too Important to Fail: Regulating Critical Third Parties in the UK | Oxford Business Law Blog Financial Services and Markets Bill | UK Gov