Notes (alphabetical)
Search to quickly find notes, articles, guides, and resources across the site.
Search to quickly find notes, articles, guides, and resources across the site.
The Chief Information Security Officer (CISO) role is typically the most senior information security position. Related pages BISO CRO
The EU AI Act, proposed in April 2021 and expected to be enforced starting in 2025, is a comprehensive regulatory framework that establishes rules for the development, use, and governance of artificial intelligence in the European Union, emphasizing risk-based oversight and ethical AI practices. Further reading The EU AI Act: The impact on financial services institutions (Consultancy.eu) The EU AI Act Newsletter EU AI Act (Future of Life Institute) EU AI Act: first regulation on artificial intelligence (European Parliament) AI Act (European Commission)
The GROW model is a simple, powerful framework for coaching conversations, widely credited to Sir John Whitmore’s Coaching for Performance. GROW stands for Goal, Reality, Options, and Will - four stages that guide a person to first Identify what they want (the Goal), then explore the current situation (the Reality), Consider what could be done by generating possibilities (the Options), and finally Committing to action (the Will). Using the step-by-step GROW process helps structure conversations that move people forward, whether you’re a manager, coach, or simply helping a colleague think something through. By focusing on questions rather than advice, the GROW model encourages ownership, reflection, and clarity - making it one of the most enduring and accessible coaching tools in use today. ...
The Minimax theorem, a key concept in game theory, offers valuable insights for risk and cybersecurity professionals. Originally developed for zero-sum games with perfect information, it also applies to scenarios with imperfect information. The theorem states that in zero-sum games (where one player’s gain is exactly balanced by the other’s loss), each player can choose a strategy to minimise their maximum possible loss — known as the minimax strategy. This approach limits worst-case losses, even against an optimal adversary. While cybersecurity scenarios aren’t always perfectly zero-sum, the analogy is useful because a defender’s loss (a successful attack) is often the attacker’s gain. ...
A management technique that encourages open debate but demands unity in execution, preventing decision paralysis and keeping organisations moving forward. What is Disagree and Commit ? Disagree and commit is a management principle that encourages open debate, while ensuring alignment once a decision has been made. It allows individuals to voice dissent during deliberations but requires full commitment to execution afterward. Notably, the phrase has been incorporated into Amazon’s leadership principles to mitigate decision paralysis. ...