This blog post is inspired by an article by Sooraj Shah for the BBC published about a month ago. When I read the article, I was really happy to see that someone was exploring this component of the situation. I did find myself doing an impromptu analysis of the article, comparing it to qualitative research. But that's not what it is, not what it's supposed to be. Articles like this are important and, in my opinion, aren't written enough. However, it does give me a chance to ta

A.P. Møller-Maersk's Chariman Jim Hagemann Snabe said on a panel at the World Economic Forum in January 2018 that "we were basically average when it comes to cybersecurity, like many companies, and this was a wake up call" he also said "we chose a very open dialogue around this from day one." These two quotes illustrate a novel approach to framing and responding to a cybersecurity incident. This approach was successful for Maersk in that it has made it through the incident wi

What does it mean that I’m looking at information security from a social science perspective? Well, according to good old Merriam-Webster, social science focuses on the functioning of human society and interpersonal relationships. More importantly, it is a science using rigorous, methodical examinations of questions and phenomena. In saying that I’m taking a social science approach, or bringing a social science perspective, to issues of information security, I’m saying that t