Editor Cyber Ethos 
The Booking.com breach has done more than expose millions of travelers’ data — it has exposed something far more uncomfortable: the gaps that boards are still not governing. Here’s what that looks like in the Booking.com context. The Booking.com Breach and the Risk Document That Doesn’t Exist After a breach like this, someone will eventually … Read more
When a board tells me they can’t find a CISO, they’re revealing something unintended. 75% of Australian CISOs face excessive expectations. 68% witnessed burnout this year. When candidates see boards treating cyber as compliance and CISOs as liability absorbers, they decline. What boards read as talent shortage is often the market’s verdict on the role … Read more
Your cybersecurity investments may be creating new vulnerabilities,and most boards never see it coming. Here’s a pattern I’ve watched play out across boardrooms for years. You’ll recognise it instantly. A board approves a significant cyber budget increase. Usually after a near-miss. Or a breach in their sector that made headlines. The money flows. Compliance boxes … Read more
Here’s the question directors should ask this quarter: If an AI tool can be “talked into” doing the wrong thing, who carries the risk when the business acts on it? AI is now embedded in daily operations: customer chatbots, internal “ask me anything” tools, copilots for code, and decision-support dashboards. Attackers have noticed. The World … Read more
