Forget about being secure
If you can only spare 30 seconds skip to the test at the end of this blog post. During the recent ransomware crisis it was quite understandable for people to be upset about disruption to businesses and public services. It is also understandable that leaders of these organisations rushed to announce actions to make their systems secure. This is all understandable but, in some ways, it is also naive. More cyber-attacks will come and will cause more damage than we have seen so far. We need to take a more nuanced look at the problems and some practical responses.