Claire TillsDec 26, 20193 minWe Need More Qualitative Research on InfosecThis blog post is inspired by an article by Sooraj Shah for the BBC published about a month ago. When I read the article, I was really happy to see that someone was exploring this component of the situation. I did find myself doing an impromptu analysis of the article, comparing it to qualitative research. But that's not what it is, not what it's supposed to be. Articles like this are important and, in my opinion, aren't written enough. However, it does give me a chance to ta
Claire TillsMay 20, 20186 minCase Study: A.P. Møller-Maersk and NotPetyaA.P. Møller-Maersk's Chariman Jim Hagemann Snabe said on a panel at the World Economic Forum in January 2018 that "we were basically average when it comes to cybersecurity, like many companies, and this was a wake up call" he also said "we chose a very open dialogue around this from day one." These two quotes illustrate a novel approach to framing and responding to a cybersecurity incident. This approach was successful for Maersk in that it has made it through the incident wi
Claire TillsJun 9, 20172 minThe method to my madnessWhat does it mean that I’m looking at information security from a social science perspective? Well, according to good old Merriam-Webster, social science focuses on the functioning of human society and interpersonal relationships. More importantly, it is a science using rigorous, methodical examinations of questions and phenomena. In saying that I’m taking a social science approach, or bringing a social science perspective, to issues of information security, I’m saying that t