You have been temporarily restricted. Please be more thoughtful when adding content for your portfolio. Your portfolio and digital media kit and should be reflective of the professional image you wish to convey. Accounts may be temporarily restricted if we receive reports of spamming or if the system detects excessive entries.
Membership
Publish your original ideas on the Thinkers360 platform!
This feature is available for Pro and Pro-Plus Members Only.
Speaker Bureau functionality whereby individuals can be featured speakers within our Speaker Bureau service and enterprises can find and work with speakers.
This feature is available for Pro, Pro-Plus, Premium and Enterprise Members Only.
Contribute to the Thinkers360 Member Blog and have your thought leadership featured on our web site, newsletter and social channels. Reach our opt-in B2B thought leader community and influencer marketplace with over 100M followers on social media combined!
You’ve reached your daily limit for entering quotes. Please only add personally-authored content which is reflective of your digital media kit and thought leadership portfolio.
Thinkers360 Content Library
For full access to the Thinkers360 content library, please join ourContent Planor become a contributor by posting your own personally-authored content into the system viaAdd PublicationorImport Publication.
Unlock your personalized dashboard including metrics for your member blogs and press releases as well as all the features and benefits of our member plans!
JC Gaillard is the Founder and CEO of Corix Partners, a London-based Boutique Management Consultancy Firm and Thought-leadership Platform focused on assisting CIOs and other C-level executives in resolving Cyber Security Strategy, Organisation and Governance challenges.
He is a leading advisor, a senior executive and a global cyber security influencer with over 25 years of experience developed in several financial institutions in the UK and continental Europe, and a track-record at driving fundamental change in the Security field across global organisations, looking beyond the technical horizon into strategy, governance, culture, and the real dynamics of transformation.
French and British national permanently established in the UK since 1993, he holds an Engineering Degree from Telecom Paris and has been co-president of the Cyber Security group of the Telecom Paris alumni association since May 2016.
He runs the Corix Partners blog and the “Security Transformation Leadership” publication on Medium.
He is a Fellow of the Chartered Institute of Information Security (FCIIS) , a member of the Forbes Business Council and contributes regularly to the Business Transformation Network, London Tech Leaders and TechNative websites; he has also posted regularly in the past on The Digital Transformation People, IoTforAll, Business 2 Community and Experfy platforms.
He is an expert contributor on the CIO Water Cooler, and has previously published articles on InfoSecurity Magazine, Computing, the C-Suite.co.uk, Info Sec Buzz, Disruption Hub, and the IoD Director websites.
He is involved with techUK as part of their Cyber People Series, which explores how CISOs should engage at C-Suite and Board level, with two reports on the theme released in December 2020 and December 2021.
He also collaborates with leading analysts firm Kuppinger Cole in Germany, with the Association for Data and Cyber Governance in the US and with the Edutec Alliance in Brazil.
He was listed in the top 10 of UK 30 most influential thought leaders on Risk, RegTech and Compliance by Thomson Reuters in April 2017, and in the top 100 global social media influencers for financial services by Refinitiv in July 2019.
He is a 2022 Onalytica Cyber Security Influencer, and was also identified by them as as “Social Media Amplifier” on Risk Management in April 2021, and as a “Key Opinion Leader” on Data Management, IoT Connectivity and RPA in December 2020 and January 2021, as well as an influential voice and sub-topic expert on hybrid work and the future of work in January 2022.
He has been ranking consistently in the top 5 of global influencers with Thinkers360 on cybersecurity, and in the top 10 on leadership, management and security.
He is the author of “Cyber Security: The Lost Decade – A Security Governance Handbook for the CISO and the CIO” first published in September 2017 with updated annual editions released every year up to 2021, and "The CyberSecurity Leadership Handbook for the CISO and the CEO" released on Amazon in February 2023.
He animates the Security Transformation Research Foundation, a dedicated think-tank and research body affiliated to Corix Partners, aimed at approaching Security problems differently and producing innovative and challenging research ideas in the Security, Business Protection, Risk and Controls space, and co-produces the Cyber Security Transformation podcast on Anchor.
He is also a Non-Executive Director with Strata Security Solutions and has been a member of the NextWorld Capital European Advisors Network since 2014.
Available For: Advising, Consulting, Influencing, Speaking Travels From: London Speaking Topics: Cyber Security Leadership, Cyber Security Transformation
Speaking Fee
$5,000 (In-Person)
Jean-Christophe Gaillard
Points
Academic
20
Author
852
Influencer
164
Speaker
42
Entrepreneur
145
Total
1223
Points based upon Thinkers360 patent-pending algorithm.
The Corix Partners Friday Reading List - March 24, 2023
Thinkers360
March 24, 2023
Top 10 Leadership and Management links of the week, curated by JC Gaillard, focusing on cyber security of course, but also a large cross section of subjects including digital transformation, emerging tech, ESG governance and the future of work
The Corix Partners Friday Reading List - March 17, 2023
Thinkers360
March 17, 2023
Top 10 Leadership and Management links of the week, curated by JC Gaillard, focusing on cyber security of course, but also a large cross section of subjects including digital transformation, emerging tech, ESG governance and the future of work
The Corix Partners Friday Reading List - March 10, 2023
Thinkers360
March 10, 2023
Top 10 Leadership and Management links of the week, curated by JC Gaillard, focusing on cyber security of course, but also a large cross section of subjects including digital transformation, emerging tech, ESG governance and the future of work
The Corix Partners Friday Reading List - March 3, 2023
Thinkers360
March 02, 2023
Top 10 Leadership and Management links of the week, curated by JC Gaillard, focusing on cyber security of course, but also a large cross section of subjects including digital transformation, emerging tech, ESG governance and the future of work
Co-President Cyber Security Group - Telecom Paris Alumni Association - Paris, France
Telecom Paris Alumni Association
May 15, 2016
The group with about 300 members, aims at elaborating new and challenging points of view on cyber-security matters, through regular meetings and events hosted mainly at Telecom Paris, with alumni and professionals who work in this domain.
Member of the NextWorld Capital European Advisors Network
Next World Capital
November 01, 2014
NextWorld Capital invests in early-revenue stage enterprise tech startups and helps them grow into global leaders. A focused, dynamic firm that leads investments in what’s next and rolls up its sleeves to help grow companies into global leaders.
The Cybersecurity Spiral Of Failure—And How Organizations Can Break Out Of It
Forbes
November 29, 2022
Successful transformation in the cybersecurity space takes time because of the need to effectively embed secure practices across the culture of the firm.
The Third Series of the Corix Partners Cyber Security Transformation Podcast
Import from medium.com
October 23, 2022
We have just completed the 3rd Series of the Corix Partners Cyber Security Transformation Podcast.Over the past 24 weeks, we have revisited and updated two series of articles that we published between 2015 and 2018, looking at the evolution of the cyber security industry over the period and the impa
The 3 Traits of Successful Cyber Security Leaders
Import from medium.com
September 17, 2022
The cyber security transformative urgency in many firms forces to look beyond traditional technology profilesContinue reading on Security Transformation Leadership »
Revisiting our 2017–2018 Series — “The First 100 Days of the New CISO”
Import from medium.com
July 05, 2022
Revisiting our 2017–2018 Series — “The First 100 Days of the New CISO”The Third Series of our Cyber Security Transformation PodcastWe are continuing with the third series of our Cyber Security Transformation Podcast and will now be focusing on revisiting our 2017–2018 series of articl
Anybody Still Interested in GDPR (apart from lawyers)?
Import from medium.com
June 04, 2022
4 years on, it is starting to look like the introduction of the GDPR has not been the decisive moment for data privacy many were expecting.Continue reading on Security Transformation Leadership »
Time to Look at the Role of the CISO Differently
Import from medium.com
May 28, 2022
What is now required is political acumen, managerial experience and personal gravitas, more than raw technology skills.Continue reading on Security Transformation Leadership »
Leading by Listening: The Other Secret Sauce for the CISO
Import from medium.com
April 30, 2022
The times have gone when the CISO had to explain what cyber security was about and the value it broughtContinue reading on Security Transformation Leadership »
Three Keys To Understanding The Cybersecurity Skills Gap (And Dealing With It)
Forbes
April 08, 2022
You don’t have to go far to find cybersecurity professionals who are facing skills shortages, but the problem has several dimensions that have to be understood and mapped out before we can start to figure out possible solutions.
Cyber Security Awareness Programmes: Are They Really Working? And What to Do About it?
Import from medium.com
February 26, 2022
When some people say they don’t know what to do around cyber, you may want to ask them where they have been for the last 10 years…Continue reading on Security Transformation Leadership »
Time to Bring the Cyber Security Technical Debt under Control
Import from medium.com
February 12, 2022
Stop buying more tech for the sake of it and start focusing on the decluttering of your cyber security landscape.Continue reading on Security Transformation Leadership »
The Corix Partners Friday Reading List
Import from medium.com
February 03, 2022
An exclusive weekly selection of 10 top articles curated by Corix Partners Founder & MD JC Gaillard, focused on a large cross-section of leadership and management matters, covering cyber security of course, but also digital transformation, emerging tech, ESG governance and the future of workSam
Cyber Security: The Message that Never makes it up to the Board
Import from medium.com
January 08, 2022
Cyber security was never a purely technical problem; it is now a leadership imperative in many firmsContinue reading on Security Transformation Leadership »
Cyber Security Leadership for the CIO and the C Suite
Import from medium.com
January 08, 2022
The Cyber Security Leadership NewsletterAn essential resource for the CIO and the CISOClick here to view our January issue and subscribe if you like it (top left)A reference resource for the CIO and the C-Suite on cyber security, looking beyond the technology horizon into leadership, management, c
The Way Forward with Cyber Security Target Operating Models
Import from medium.com
October 11, 2021
“Process and People first, THEN Technology” will always be at the heart of the winning formula hereContinue reading on Security Transformation Leadership »
Cyber Security can be a Pillar of any Corporate Post-Pandemic Agenda, but are the CISOs ready for it?
TechNative
October 11, 2021
A comment left on one of my articles made me think: How can cyber security leaders drive a long-term transformative agenda, with a business and a board that cannot see beyond the short-term?
Turning the Tables on Cyber Security Budgets
Import from medium.com
September 18, 2021
Time to move away from bottom-up dynamics: The Board should decide on priorities and drive the discussionContinue reading on Security Transformation Leadership »
The 3 Biggest Mistakes the Board can Make around Cybersecurity
Association for Data and Cyber Governance
September 03, 2021
Although the topic of cybersecurity is now definitely on the board’s agenda in most organizations, it is rarely a fixed item. More often than not, it makes appearances at the request of the Audit & Risk Committee or after a question from a non-executive director, or – worse – in response to a security incident or a near-miss. All this hides a pattern of recurrent cultural and governance attitudes which could be hindering cyber security more than enabling it.
Cyber Security: The Lost Decade — 2021 Edition
Import from medium.com
September 01, 2021
Cyber Security: The Lost Decade — 2021 EditionWhy large organizations still struggle with decade-old security problems — and how to fix them*** Buy it here on Blurb ***I have been involved with information security matters for over 20 years and started writing regularly on the topic i
Cyber Security: A Top-down Imperative for Schools
Import from medium.com
August 07, 2021
JC Gaillard talks to Glaucia Rosas from the Edutec Alliance on how school leaders need to approach cyber security in the wake of the COVID…Continue reading on Security Transformation Leadership »
The Problem with Cyber Security ROI
Import from medium.com
July 31, 2021
CISOs being asked those questions should look beyond the topic itself and face the underlying issues it might be hiding.Continue reading on Security Transformation Leadership »
Why Cybersecurity Tools Aren’t Enough
Association for Data and Cyber Governance
July 30, 2021
For any organization above a certain size, effective and efficient protection can only result from the layered application of protective measures at the people, process, and technology level. And in that order.
Cyber Security: The Operational Illusion
TechNative
July 21, 2021
Looking back at what happened at ground level throughout the COVID crisis, it is clear that the focus has been entirely on operational matters: From moving into remote working at scale for the services industry, to keeping supply chains working for the manufacturing sector, or many retail firms having to re-invent themselves as digital businesses, literally within weeks. It has all been about keeping the lights on, understandably.
Cyber Security Automation is Key to Fight the Skills Gap
Import from medium.com
May 01, 2021
To start building solutions to the skills gap problem, it is key to look at it in all its dimensions.Continue reading on Security Transformation Leadership »
Deconstructing GRC and making it work in the Information Security space
Import from medium.com
February 26, 2021
Over recent years, the GRC (Governance, Risk and Compliance) acronym has become very common in the Information Security community. Various…Continue reading on Security Transformation Leadership »
The 3 Biggest Mistakes the Board can Make around Cyber Security
Import from medium.com
February 03, 2021
The protection of the business from cyber threats is something you need to grow, not something you can buyContinue reading on Security Transformation Leadership »
GDPR: When are the regulators going to show their muscles?
Import from medium.com
November 21, 2020
Protecting the Public or Protecting Big Business?… The recent downgrading of fines by the UK ICO for British Airways and Marriott raises…Continue reading on Security Transformation Leadership »
Post-COVID Outlook for Cyber Security: New Normal … Looking a Lot like the Old
Import from medium.com
July 20, 2020
The COVID crisis has not changed the cyber security fundamentals: What will the new normal be like?Continue reading on Security Transformation Leadership »
Is the Coronavirus killing the GDPR?
Import from medium.com
April 10, 2020
In practice, the COVID-19 crisis has put regulatory powers on hold but as things stand, two forces seem to be at play.Continue reading on Security Transformation Leadership »
Can you still Afford “not to afford” Cyber Security?
Import from medium.com
February 11, 2020
Large firms with multi-million IT and security budgets should not end up in the mess we have seen with recent ransomware incidents. Period.Continue reading on Security Transformation Leadership »
The Real Leadership Challenges around Cyber Security
Import from medium.com
January 16, 2020
The security industry needs to pivot away from “talking about things” onto “getting things done”Continue reading on Security Transformation Leadership »
Cyber Security: A Look Across Two Decades
Import from medium.com
November 28, 2019
The Security industry talks a lot about what could go wrong … but not so much about how to improve thingsContinue reading on Security Transformation Leadership »
The Impossible Role of the CISO
Import from medium.com
October 01, 2019
Security Organizations must evolve. The CISO cannot be credible on all frontsA recent comment I read on Linkedin made me think.It was in response to a post on zero-day vulnerabilities and software patching, and roughly translated from the French, it read as follows:“One day, you stand in front
Ransomware: Paying Money to Criminals is not an Ordinary Business Transaction
Import from medium.com
September 07, 2019
Public authorities must step up their game to help SMBsRansomware has been on the radar with cyber security professionals for a number of years. At Corix Partners, we wrote about it for the first time 3 years ago in the summer of 2016 following a conference in London at the Institute of Directors h
Evolution And The Chief Information Security Officer
Disruption Hub
August 15, 2019
The CISO cannot be credible on all fronts: The traditional role of the CISO must evolve to attract and develop a new generation of leaders into security roles. This is absolutely necessary to address the transversal nature of security – and privacy – matters in large firms, and break the spiral of failure which has plagued cybersecurity for the last decade.
The Tactical Trap
Import from medium.com
August 03, 2019
Cyber Security maturity stagnates because many CISOs are structurally prevented from looking beyond day-to-day firefightingMany CISOs struggle to look beyond day-to-day firefighting and get trapped in tactical games. We highlighted this last year in the context of our “100 Days” series and it is
Why are we still facing so many security products and vendors?
Import from medium.com
July 05, 2019
A symptom of the unhealthy relationship between cyber security and large firmsAs we reach one of the high points of each year’s conference season, one has to reflect once more on the staggering number of products and vendors active across the cybersecurity space.Once again, they will line up in t
Start-ups: Your Most Valuable Asset in the Long Run Will Be the Trust of Your Customers
Import from medium.com
July 05, 2019
Bake it in from the start: “Moving fast and breaking things” will become a thing of the past as customers and investors take security and privacy more and more seriouslyIt seems that security is still — at best — an afterthought for most start-ups as they go about building their Mini
Une gestion active des risques fournisseurs
ArsiaMons
June 25, 2019
La qualité de la relation client-fournisseur est un réel levier de croissance pour les entreprises et parfois un soutien essentiel en période de crise. Pour construire un lien fort, basé sur la confiance, une gestion fine du risque associé à chacun de ses fournisseurs « critiques » s’impose.
What Cyber Resilience is Not About …
Import from medium.com
June 01, 2019
What Cyber Resilience is Not About …Cyber resilience must not be used to legitimise window-dressing practices around cyber securityAlthough the theme is gaining momentum, there is a certain amount of confusion around what cyber resilience really means for organisations.For many, it is just anoth
Cloud-Native Environments: A Challenge for Traditional Cyber Security Practices
Import from medium.com
June 01, 2019
Blind trust is no longer enough in the era of GDPRClouds are those blurred masses of condensed watery vapor floating in the sky whose gloomy nature often leads to questionings around their true physical state. Are they really tangible? Could we touch what we look up to? And above all, is there a di
IoT Security: A simple matter of common sense for product developers and investors
Import from medium.com
May 10, 2019
Security basics should be part of any MVP. PeriodAfter almost 5 years (at least) of constant media coverage around IoT privacy invasions and security breaches, it is staggering to see some sectors of the tech industry apparently still struggling with those matters.For many analysts, it all boils d
Cyber Security in the “When-Not-If” Era
Import from medium.com
April 06, 2019
No longer just as an equation between risk appetite, compliance requirements and costsThe “When-Not-If” paradigm around cyber-attacks is changing the deal completely around cyber security.Many large organisations now assume that breaches are simply inevitable, due to the inherent complexity of
The Two Factors Killing GRC Practices
Import from medium.com
April 06, 2019
Excessive complexity and lack of first line integration render many GRC metrics uselessMany CISOs complain of communication problems with their business. They are not being listened to. They are not getting the budget they think they should get. They feel their business prioritises against security
Revue TELECOM 190 – Editorial par Jean-Christophe Gaillard et Laura Peytavin
Revue TELECOM
October 01, 2018
Alors que la France porte très haut en cette année 2018 le thème de l’intelligence artificielle (IA), pour en faire le Prométhée d’une nouvelle société numérique, le groupe Cybersécurité de Télécom Paris Alumni a décidé d’explorer l’implication de la déferlante « IA » dans le domaine de la sécurité numérique.
RGPD : A quoi peut-on s’attendre jusqu’au 25 Mai et au-delà ?
ArsiaMons
May 01, 2018
Depuis l’an dernier, le RGPD est au centre des discussions dans beaucoup d’entreprises en relation avec la protection de la vie privée et des données personnelles, leur sécurité, les risques associés et les contrôles à mettre en place. Mais la réalité reste que le concept de « conformité » RGPD est mal défini, en dépit de ce que beaucoup d’éditeurs et de consultants – grands et moins grands – voudraient vous faire croire.
Revue TELECOM 185 - Editorial par Jean-Christophe Gaillard
Revue TELECOM
June 15, 2017
Depuis plusieurs mois, les réseaux sociaux et Internet sont envahis par une immense quantité d’articles et de contenus autour du thème du RGPD: La nouvelle réglementation a la capacité d’être un véritable catalyseur autour de la Protection des données personnelles et de la sécurité mais il est essentiel de la placer dans le contexte juste et d’aller au-delà des clichés court-termistes.
Bridging the Gap Between IT Security and IT Operations
Infosecurity Magazine
June 09, 2017
Life for a CISO could be better. Too many today look out over an landscape overrun by poorly-deployed security tools consuming too many scarce resources, and a dynamic between IT and security that is skeptical at best and distrustful at worst.
Ransomware: 5 practical tips to deal with attacks, and why good practices matter more than ever
FIC
December 14, 2016
Ransomware attacks have become one of the most dominant forms of cyber-attacks over the past few years. For large firms, losses can easily run into the tens of millions by the time everything is added up.
Cyber insurance: What do you think you’re buying?
IoD Director
November 17, 2016
There has been a vast amount of hype around cyber insurance in recent years, and many industry players are jumping on the bandwagon because they perceive it to be a lucrative niche. In reality, the market is still maturing.
Internet des Objets, Big Data, Cloud : Prendre la sécurité et la confidentialité au sérieux
ArsiaMons
April 06, 2016
La convergence de l’IdO, du Big Data et des technologies liées au Cloud Computing ouvre depuis plusieurs années un très grand nombre de possibilités en termes de nouveaux produits et services numériques. Le sujet attire un grand intérêt de la part des médias et des investisseurs, qui va au-delà du buzz médiatique conventionnel : Ce type de convergence technologique est un évènement rare qui affectera – à terme – tous les secteurs de l’industrie, et aura un effet transformationnel profond sur l’économie en général et sur nos modes de vie.
4 Tips for CIOs to Deal Efficiently with Shadow IT
Information Security Buzz
December 03, 2015
Dealing with Shadow IT embodies the evolution of the role of the CIO, from being primarily a technologist and a problem solver to being an influencer and a risk manager. Thinking about Shadow IT as a “problem” and something that should be banned is not the right start. Embracing it without controls as the way forward is equally wrong. This is just part of a different way of working around technology and security.
Cyber Security: Board of Directors Need to ask the Real Questions
Information Security Buzz
August 07, 2015
The Board of Directors should not approach Cyber Security purely from a Risk perspective. Risk is ultimately about “things that may or may not happen”. When it comes to Cyber Security, the Board should start from the premise that this is a matter of “when”, not “if” – and should shift the focus towards understanding and managing what is actually getting done to protect the organisation.
Non Executive Director - Strata Security Solutions
Strata Security Solutions
March 01, 2019
Strata delivers joined-up security for infosec teams. By liberating security data from siloes, Strata puts cyber professionals in control and frees up time.
Cyber Security: The Lost Decade – 2021 Edition
The Security Transformation Research Foundation
August 31, 2021
Why large organizations still struggle with decade-old security problems - and how to fix them: A selection of key articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015 with updated annual editions released every year since.
Cyber Security: The Lost Decade - 2020 Edition
The Security Transformation Research Foundation
September 11, 2020
Why large organizations still struggle with decade-old security problems - and how to fix them: A selection of key articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015 and an update to our 2019 edition, including a full new section on the COVID pandemic and its implications.
Cyber Security: The Lost Decade - 2019 Edition
The Security Transformation Research Foundation
October 01, 2019
Why large organizations still struggle with decade-old security problems - and how to fix them: A selection of key articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015 and an update to our 2018 edition.
Cyber Security: The Lost Decade - 2018 Edition
The Security Transformation Research Foundation
November 01, 2018
Why large organizations still struggle with decade-old security problems - and how to fix them: A selection of key articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015 and an update to our 2017 edition.
Cyber Security: The Lost Decade - A Security Governance Handbook for the CISO and the CIO
The Security Transformation Research Foundation
September 01, 2017
Why large organizations still struggle with decade-old security problems - and how to fix them: A selection of key articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015
Ethical Leadership and Governance
Scoop.It
January 01, 2019
A reference resource for business leaders, at the intersection of Technology and Digital Transformation Ethics, Data Privacy, Cyber Security, Corporate Governance and Social Responsibility
Artificial Intelligence and Cybersecurity
Scoop.It
July 01, 2018
A key resource on artificial intelligence and cyber security, exploring how AI could transform the way digital assets can be better protected, as well as the emerging threats AI could bring and what they mean for our digital future
Cybersecurity Leadership
Scoop.It
January 01, 2018
A reference resource for the CIO and the CISO on cyber security, looking beyond the technology horizon into leadership, management, culture, governance, resilience and the real dynamics of security transformation
Digital Transformation Leadership
Scoop.It
January 01, 2018
A key resource on the dynamics of digital transformation for CDOs and other senior executives, looking into corporate culture, governance, leadership and management drivers
Tags: Digital Transformation, Management, Leadership
2 Founders
The Security Transformation Research Foundation
The Security Transformation Research Foundation
September 01, 2017
The Security Transformation Research Foundation is a dedicated think-tank and research body aimed at approaching Security problems differently and producing innovative and challenging research ideas in the Security, Business Protection, Risk and Controls space
Corix Partners is a Boutique Management Consultancy Firm focused on assisting CIOs and other C-level executives in resolving Cyber Security Strategy, Organisation and Governance challenges. As independent Transformation experts with over 20 years of experience in the field, we help our clients develop strong company-wide Security practices that deliver real and lasting value.
Fellow of the Chartered Institute of Information Security
CIISec
April 01, 2022
The Chartered Institute of Information Security (CIISec) is the only pure play information and cyber security institution to have been granted Royal Charter status and is dedicated to raising the standard of professionalism in information and cyber security.
CIISec provide a universally accepted focal point for the information cyber security profession. It is an independent not-for-profit body governed by its members, ensuring standards of professionalism for training, qualifications, operating practices and individuals.
Official Member & Thought-Leader - Forbes Business Council
Forbes
February 04, 2022
Forbes Business Council is an invitation-only community for successful entrepreneurs and business leaders. Members are respected leaders and executives who are selected for the council based on the depth and diversity of experience in leadership, management, customer engagement, technology & growth.
Member - The Institute of Directors
IoD
July 01, 2011
The IoD is a thriving membership community for directors in the UK and beyond, where you can connect with other leaders, develop your skills and be heard. At a time when great directors have never been more important, the IoD offers professional development, valuable connections and influence.
Ranked # 5 - Top 50 Global Thought Leaders and Influencers on Management (September 2022)
Thinkers360
September 03, 2022
Here’s the Thinkers360 live leaderboard for our top 50 global thought leaders and influencers on Management for 2022. Congratulations to all our thought leaders and experts who participated!
Ranked # 5 - Top 50 Global Thought Leaders and Influencers on Security
Thinkers360
January 09, 2022
Here’s the Thinkers360 live leaderboard for our top 50 global thought leaders and influencers on Security for January 2022. Congratulations to all our thought leaders and experts who participated!
Ranked # 9 - Top 50 Global Thought Leaders and Influencers on Management (August 2021)
Thinkers360
August 21, 2021
Here’s the Thinkers360 live leaderboard for our top 50 global thought leaders and influencers on Management for August 2021. Congratulations to all our thought leaders and experts who participated!
Social Amplifier - Risk Management - Onalytica
Onalytica
April 28, 2021
This Who’s Who report provides you with a varied sample of influential voices discussing risk management online. From Event Speakers, Industry KOLs to Researchers & Contributors, this list will help you find experts within the risk management conversation.
This ‘Who’s Who’ report aims to outline the most far-reaching voices creating content and communicating online about the potential of IoT Connectivity.
This ‘Who’s Who’ report has an important focus on bringing attention to the voices raising awareness and driving solutions within the RPA conversation. From individuals to organisations who are working, speaking and writing within the space.
Ranked #10 in the ThomsonReuters list of Top 30 Social Influencers on Risk, Compliance and Regtech in the UK
Thomson Reuters
April 24, 2017
Through their use of innovative and disruptive media, these leading 30 individuals contribute to the growth and vibrancy of this fast-moving sector in the UK
Cyber Review: Cybersecurity The Lost Decade
CyberMaterial
May 23, 2022
JC Gaillard talks with Sofia at CyberMaterial and together they review his book "Cyber Security: The Lost Decade" which has now gone through 5 annual editions, and explore why large organisations still struggle with decade-old security problems, and what to do about it
The Role of the CISO is at a Crossroad
The Business Transformation Network
March 09, 2021
A Q&A interview with Jean-Christophe Gaillard, Leading Security influencer and Managing Director at Corix Partners, regarding the role of the CISO and how it sits within organisations today.
Cyber Security, Risk, Silver Bullets and Covid-19
The Business Transformation Network
September 01, 2020
A Q&A interview with Jean-Christophe Gaillard, Leading Security influencer and Managing Director at Corix Partners, regarding cybersecurity in an age of COVID.
The Hard Truth Around Cyber Security Awareness Programs - An interview with Jean-Christophe Gaillard, Managing Director and Founder, Corix Partners
Thinkers360
May 01, 2020
We often hear that “cyber security must be everybody’s responsibility”; what does that mean in practice?
Onalytica: Interview with JC Gaillard - Top influencer in Cyber Security Strategy, Organisation and Governance
Onalytica
April 24, 2020
"I am passionate about helping the cyber security industry move forward. It is shocking to see cyber security maturity levels so low in many firms in spite of the billions spent – collectively – on technical security products across the last two decades. That’s not because those don’t work; it’s because they are rarely properly deployed or used: Too many organisations have been focusing for too long on non-existent quick wins around cyber security, and on technology, instead of putting people and process first. The roadblocks that have been preventing progress are rooted in culture and governance. And endemic corporate short-termism. Cyber security transformation requires a coherent leadership vision, long-term action and relentless drive to succeed."
How to win the Fintech talent war
Refinitiv
October 31, 2019
A Fintech talent war is pitching corporations against startups in pursuit of the AI skills required for the digital transformation of financial services. The #RefinitivSocial100 thought leaders discuss hiring, retaining and educating data science talent.
GDPR Cyber Security and Cyber Resilience
Aphaia
April 21, 2017
We discussed GDPR cyber security aspects with Richard Preece and Jean-Christophe Gaillard. The two experts share their views on why GDPR can be a catalyst around data security challenges.
European Cybersecurity Job Market and the Gender Perspective
Kuppinger Cole
November 10, 2020
JC Gaillard, Founder and Managing Director, Corix Partners participated in a panel discussion as part of the Cybner Security Leadership Summit hosted by Kuppinger Cole. The discussion focused on the state of the European cybersecurity job market, the importance of gender diversity and the relevance of the skills gap considerations, as a follow up to JC's presentation in the morning. Other panelists included Rayna Stamboliyska, VP Governance & Public Affairs at Yes We Hack , and the panel was facilitated by Anett Mádi-Nátor,
President / Deputy CEO responsible for Strategic Business Development, Women4Cyber Foundation / Cyber Services Plc.
Tags: Cybersecurity, Diversity and Inclusion, Leadership
#RefinitivSocial100 Perspectives UK Breakfast Roundtable
Refinitiv
September 18, 2019
JC Gaillard, Founder and Managing Director, Corix Partners attended a breakfast roundtable hosted by Refinitiv Head of Innovation Amanda West, and attended by CEO David Craig and Head of Strategy Ben Shepherd. The roundtable focused on fintech and AI, and was also attended by other members of the #RefinitivSocial100 panel: Neira Jones, David Doughty, Steve Cook, Timo Dreger, Liz Lumley, Susanne Chishti, Xavier Gomez and Jim McClelland
Cyber Risk across the Supply Chain
IRT System X
June 25, 2019
JC Gaillard, MD & Founder, Corix Partners, facilitated a panel discussion on cyber risk across the supply chain in Paris on 25th June 2019 at a conference organised by IRT SystemX in collaboration with the French Insurance Federation.
Cyber Security and The Promises of Predictive Risk Analysis
G9+
September 19, 2018
JC Gaillard, MD & Founder, Corix Partners, represented Corix Partners on a panel of experts on 19th September 2018 in Paris at a conference hosted by G9+ Institute and sponsored by Verizon on the theme “Cyber Security and The Promises of Predictive Risk Analysis”
Data Protection: Compliance and Governance in the Face of an Exploding Cyber Criminality
G9+
July 04, 2017
JC Gaillard, MD & Founder, Corix Partners, represented Corix Partners on a panel of experts on 4th July 2017 in Paris at a conference hosted by G9+ Institute and sponsored by Verizon on the theme “Data Protection: Compliance and Governance in the Face of an Exploding Cyber Criminality”
Ransomware: The evolution of the threat, how firms can protect themselves, and how best to react
FIC
January 25, 2017
JC Gaillard, MD & Founder, Corix Partners, animated a panel discussion at the FIC 2017 conference in Lille, France on 25th January 2017. The panel theme was focused on Ransomware, the evolution of those threats, how firms – large and small – can protect themselves, and how best to react to such incidents.
The Virtual CISO Moment
The Virtual CISO Moment
February 22, 2023
A Conversation with Jean-Christophe Gaillard - The Virtual CISO Moment dives into the stories of information security, information technology, and risk management pros; what drives them and what makes them successful while helping small and midsized business (SMB) security needs. No frills, no glamour, no transparent whiteboard text, no complex graphics, and no script - just honest discussion of SMB information security risk issues.
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 24 - "Process and People first, then Technology"
Corix Partners
October 18, 2022
JC Gaillard reaches the final episode in this third series of the Corix Partners Cyber Security Transformation Podcast, and revisits a few key aspects highlighted throughout the series, in particular the importance of the "Process and People first, then Technology" principle
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 23 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
October 11, 2022
JC Gaillard continues to analyze the way the various aspects highlighted in earlier episodes of the Series are interlinked; in this episode, he goes back to the "when-not-if" paradigm around cyber attacks and why tactical and strategic execution is paramount for the new CISO
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 22 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
October 04, 2022
JC Gaillard reaches the final episodes in this Series and starts to look at how the various aspects highlighted in earlier episodes are interlinked; in this episode, the key traits senior execs and Board members need to focus on when hiring a new CISO
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 21 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
September 27, 2022
JC Gaillard looks at the way the cyber security agenda needs to be framed at Board level, to enable the best positioning of the role and profile of the new CISO ahead of the "First 100 Days"
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 20 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
September 20, 2022
JC Gaillard digs into the concept and definition of a Security Operating Model, why it needs to underpin the "First 100 Days of the New CISO", and why "Process and People first, then Technology" has to be the main guiding principle here
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 19 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
September 13, 2022
JC Gaillard continues exploring a few specific topics surrounding the "First 100 Days of the New CISO"; in this episode, the reporting line of the CISO, why it matters and how to determine which would work best
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 18 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
September 06, 2022
As part of his continuing exploration of the "First 100 Days of the New CISO", JC Gaillard looks into the profile of the CISO and why management experience is of paramount importance, over and above technical knowledge.
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 17 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
August 30, 2022
JC Gaillard continues exploring the topics surrounding the "First 100 Days of the New CISO"; in this episode, he dives into the aspects surrounding the tenure of the CISO and why it is key to driving security transformation
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 16 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
August 23, 2022
JC Gaillard is joined by Head of Cyber and Information Security at Swansea University Neil Cordell, to discuss his real-life experience of taking up a new CISO position in the midst of the Covid pandemic, and the lessons that can be learnt about bringing all stakeholders on board the cyber security transformation journey
Neil's details can be found here on Linkedin >> https://www.linkedin.com/in/neilcordell/
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 15 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
August 16, 2022
JC Gaillard reaches the end of his exploration of the "First 100 Days of the New CISO" and before moving on to a number of episodes with guests on the theme, he digs into "expectations vs. reality" and explores the root causes of the disconnect which may exist between what the CISO finds on arrival and what they were sold at interview time
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 14 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
August 09, 2022
JC Gaillard continues its exploration of the "First 100 Days of the New CISO" with an analysis on how tactical firefighting and the unavoidable handling of cybersecurity incidents must not be seen just as a "curse" throughout the first 100 days, but can be used to build up trust with stakeholders
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 13 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
August 02, 2022
JC Gaillard reaches the end of the "6 days-6 weeks-6 months" cycle he explored around "The First 100 Days of the New CISO", and looks at what happens next, and how CISOs can continue to drive change
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 12 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
July 26, 2022
JC Gaillard reaches the "6 months" part of his journey throughout the "First 100 Days of the New CISO"; in this episode, how to build an execution framework to support the strategic vision defined earlier, and why governance is key at this stage to support lasting change
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 11 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
July 19, 2022
JC Gaillard continues developing his "6 days - 6 weeks - 6 months" model, framing the first 100 days of the new CISO; in this episode, the six weeks horizon, and how to continue building a strategic framework addressing the key challenges of the new CISO role
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 10 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
July 12, 2022
JC Gaillard continues to look back at his 2017-2018 series of articles about "The First 100 Days of the New CISO"; in this episode, he looks into the challenges of the first week, and why it is key to understand the firm, its people and its culture from the start
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 9 - Looking back at "The First 100 Days of the New CISO"
Corix Partners
July 05, 2022
We enter the second part of our third series and JC Gaillard starts exploring and revisiting his 2017-2018 series of articles entitled "The First 100 Days of the New CISO"; in this episode, why context is key and how to assess it, looking in turn at the profile of the person, the nature of the role and the maturity of the firm
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 8 - Looking back at "The CIO Guide to a Successful Cyber Security Practice"
Corix Partners
June 28, 2022
JC Gaillard reaches the final part in the re-examination of his 2015 series titled "The CIO Guide to a Successful Cyber Security Practice"; in this episode, why it is key to think in terms of process first when architecting a cyber security practice, and not in terms of technical tools
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 7 - Looking back at "The CIO Guide to a Successful Cyber Security Practice"
Corix Partners
June 21, 2022
JC Gaillard reaches the 7th key management pitfall to avoid in his re-assessment of his 2015 series of articles entitled "The CIO Guide to a Successful Cyber Security Practice"; in this episode, why it is key to look at cyber security as a structured practice, and not just a collection of tactical activities and technical projects
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 6 - Looking back at "The CIO Guide to a Successful Cyber Security Practice"
Corix Partners
June 14, 2022
JC Gaillard reaches a key point in his journey through the 8 key management pitfalls for CIOs and CTOs to avoid when building or rebuilding cyber security practices; in this episode, why it is key to see cyber security not just as a technology discipline, and to build it as a cross-sile practice from the start
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 5 - Looking back at "The CIO Guide to a Successful Cyber Security Practice"
Corix Partners
June 07, 2022
JC Gaillard moves onto his 5th key management pitfall to avoid when building or rebuilding effective and efficient cyber security practices; in this episode, why it is key to think in terms of operating model and work with all stakeholders including HR, in the definition and distribution of cyber security accountabilities and responsibilities
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 4 - Looking back at "The CIO Guide to a Successful Cyber Security Practice"
Corix Partners
May 31, 2022
JC Gaillard continues his re-examination of his 2015 series of articles titled "The CIO Guide to a Successful Cyber Security Practice"; in this episode, why it is key to look beyond the short term and think in terms of process to drive effective and lasting change
The Corix Partners Cyber Security Transformation Podcast - Series 3 - EPISODE 3 - Looking back at "The CIO Guide to a Successful Cyber Security Practice"
Corix Partners
May 24, 2022
JC Gaillard continues exploring and updating his 2015 series on the "CIO Guide to a Successful Cyber Security Practice"; in this episode, why throwing money at the problem is rarely the solution to maturity development around cyber security and why trust is paramount in the relation between the CISO and senior execs
The Cyber Security Transformation Podcast - Series 3 - EPISODE 2 - Looking back at "The CIO Guide to a Successful Cyber Security Practice"
Corix Partners
May 17, 2022
JC Gaillard continues to look back at his 2015 articles series "The CIO Guide to a Successful Cyber Security Practice" and highlights why risk management alone can no longer be the beating heart of cyber security practices
The Cyber Security Transformation Podcast - Series 3 - EPISODE 1 - Looking back at "The CIO Guide to a Successful Cyber Security Practice"
Corix Partners
May 10, 2022
JC Gaillard looks back at his 2015 series of articles published on the Corix Partners blog under the title of "The CIO Guide to a Successful Cyber Security Practice"; in this episode, he re-examines the first pitfall to avoid for CIOs and why cyber security cannot just be seen as an "enabler"
The Cyber Security Transformation Podcast - Series 2 - EPISODE 15 - A Look Back at the log4j Incident
Corix Partners
February 03, 2022
JC Gaillard is joined by Chris Burtenshaw from Strata Security to discuss how the log4j incident unfolded and was handled, and the lessons that can be learnt from the past few months
The Cyber Security Transformation Podcast - Series 2 - EPISODE 14 - Where Are We Now With GDPR?
Corix Partners
January 11, 2022
JC Gaillard is joined by Cristina Contero from Aphaia to follow up on earlier podcasts episodes on GDPR and review what has changed over the past 6 to 8 months since our last podcast on the theme with Bostjan Makarovic
The Cyber Security Transformation Podcast - Series 2 - EPISODE 13 - A Look Back at Cyber Security in 2021
Corix Partners
December 30, 2021
JC Gaillard is joined again by guest Steve Lamb, who animated the launch of the first series of the podcast last year; together they look back at the drivers that have shaped cyber security throughout 2021, and more generally throughout the COVID pandemic
The Cyber Security Transformation Podcast - Series 2 - EPISODE 12 - Cyber Security, Governance & Risk for the Digital Age
Corix Partners
November 02, 2021
JC Gaillard is joined by Richard Preece, Founder & Director, DA Resilience to discuss how the pandemic has affected cybersecurity governance, controls appetite and risk management from the Board down, and how exponential changes over the next decade are going to impact those trends
The Cyber Security Transformation Podcast - Series 2 - EPISODE 11 - Cyber Security, the CISO and the CIO: Seeing it From Both Sides of the Fence
Corix Partners
September 30, 2021
JC Gaillard is joined by Natasha McCabe to discuss the leadership lessons which can be learned from having held both CISO and CIO roles, and having seen cyber security from the two sides of the fence
The Cyber Security Transformation Podcast - Series 2 - EPISODE 10 - Oscar O'Connor and JC Gaillard on Security Transformation, Covid-19, People and Trust
Corix Partners
August 12, 2021
JC Gaillard is joined by Oscar O'Connor to discuss "Playing the Triangles", his latest piece on the Corix Partners blog: A reflection on business and security transformation dynamics in the post-covid era
The Cyber Security Transformation Podcast - Series 2 - EPISODE 9 - Looking Back at the Cyber Security Skills Gap: Real Problem or Self-inflicted Pain?
Corix Partners
July 19, 2021
JC Gaillard is joined by Rayna Stamboliyska to look back at the cyber security skills back, its implications and how to address it through better talent management, clearer career paths and a greater emphasis on diversity
The Cyber Security Transformation Podcast - Series 2 - EPISODE 8 - The Impact of the COVID Pandemic on Cyber Insurance: What has changed and what to expect?
Corix Partners
July 06, 2021
JC Gaillard is joined with Hani Banayoti from CyberSolace to explore the impact the COVID-19 pandemic has had on the cyber insurance sector and what can be expected going forward in terms of new dynamics
The Cyber Security Transformation Podcast - Series 2 - EPISODE 7 - Cyber Security Career Paths: How do you bridge between security roles and IT management roles?
Corix Partners
June 15, 2021
JC Gaillard is joined by Alexa Glynn, from Rabobank Australia & New Zealand, to discuss how you transition from security roles into IT management roles and why security professionals don't have to feel condemned to hopping between security jobs
The Cyber Security Transformation Podcast - Series 2 - EPISODE 6 - GDPR and the Schrems II ruling: Where are we now around data transfers between the EU and the US?
Corix Partners
May 25, 2021
JC Gaillard is joined again by guest Bostjan Makarovic from Aphaia to discuss the impact of the Schrems II ruling on GDPR compliance and data transfers between the EU and the US
The Cyber Security Transformation Podcast - Series 2 - EPISODE 5 - IT Security vs. OT Security: What's the state of play?
Corix Partners
April 20, 2021
JC Gaillard is joined by cyber security expert Steven O'Sullivan to explore the issues surrounding IT and OT convergence and their implications for cyber security at large across industry sectors
The Cyber Security Transformation Podcast - Series 2 - EPISODE 4 - Observability: What does it really mean for cyber security?
Corix Partners
March 30, 2021
JC Gaillard is joined by Chris Burtenshaw from Strata Security; together they explore the meaning of observability in the cyber security space: Is it just hype over substance? or is there more to it than meet the eye?
The Role of CISO is at a Crossroads
The Business Transformation Network
March 16, 2021
Why is the role of the CISO at a crossroads? This episode of The BTN podcast is a conversation with Jean-Christophe Gaillard, Founder and Managing Director at Corix Partners, looking at the role of CISO in modern businesses, how the role has changed, the interdependence between the CSO and CISO and much more.
The Cyber Security Transformation Podcast - Series 2 - EPISODE 3 - Where are we now with GDPR?
Corix Partners
March 09, 2021
JC Gaillard is joined by Bostjan Makarovic from Aphaia for a great discussion on GDPR, the size of fines and role of regulators, the risk of irrelevance they may face if they keep things imbalanced, and the impact of the Schrems II ruling
Where should the CISO role sit in an organisation to be most effective?
techUK
March 01, 2021
A closer look at the recommendations made in the techUK "CISO at the C-Suite" report published in December 2020, with key contributors Jean-Christophe Gaillard and Jason Tooley.
The Cyber Security Transformation Podcast - Series 2 - EPISODE 2 - Resilience: What Does It Really Mean in Business Terms?
Corix Partners
February 25, 2021
JC Gaillard is joined by experienced operational resilience consultant Nick Simms to explore what resilience really means in business terms and where cyber resilience needs to fit within a broader business resilience framework
Tags: Business Continuity, Cybersecurity, Leadership
The Cyber Security Transformation Podcast - Series 2 - EPISODE 1 - How to Frame the Cyber Security Conversation at Board Level?
Corix Partners
February 16, 2021
JC Gaillard is joined by Richard Preece, director of DA Resilience, to explore how best to frame the conversation at Board level around cyber security in order to engineer effective and efficient engagement and top-down dynamics
The Cyber Security Transformation Podcast - EPISODE 20 - What did we learn about cyber in the crazy year that was 2020?
Corix Partners
December 11, 2020
By any account the last year has been crazy. So much had to change so quickly and that included cyber security. In this episode we discuss the key lessons learned about security and privacy.
Cybersecurity, Risk, Silver Bullets and COVID-19
The Business Transformation Network
December 08, 2020
"This isn't just about risk anymore." This episode of The BTN podcast is a conversation with Jean-Christophe Gaillard, Founder and Managing Director at Corix Partners, on cybersecurity and risk, silver bullets and the effects of COVID-19. This conversation looks at cybersecurity in displaced organisations, the relationship between risk and cybersecurity, the impact of COVID-19 on the state of businesses cybersecurity and much more.
The Cyber Security Transformation Podcast - EPISODE 19 - Digital transformation: Is the role of the CISO becoming an outdated concept?
Corix Partners
November 27, 2020
COVID has led many organizations to rush their provision or remote access to their employees and many have accelerated their digital transformation programmes. We discuss the role of the CISO in this context.
The Cyber Security Transformation Podcast - EPISODE 17 - How to embed security and privacy on the board agenda?
Corix Partners
November 13, 2020
In this episode we discuss the need for top down engagement by the board to bring life into the to security and privacy strategy of their organisation. We look at the importance of embedding these important considerations into the Environmental, Social and Governance (ESG).
The Cyber Security Transformation Podcast - EPISODE 16 - GDPR: When are the regulators going to show their muscles?
Corix Partners
November 06, 2020
Following the recent announcement from the ICO of significantly reduced fines for BA and Marriott the question has to be asked "Where are the landmark cases of fines in the order of 4% of revenue for huge scale breaches?". Clearly during the pandemic the travel and hospitality industries are under great financial strain but since GDPR came in over two years ago there haven't been any fines that have been anywhere near the expected magnitude.
The Cyber Security Transformation Podcast - EPISODE 15 - From Cyber Security Awareness to Genuine Cultural Change: What do you need to make this work?
Corix Partners
October 23, 2020
We’re joined by Zsuzsanna Berenyi from the London Stock Exchange Group who shares her experience on how to drive cultural change to embed security awareness into organizations.
The Cyber Security Transformation Podcast - EPISODE 14 - Where are we with Cyber Insurance?
Corix Partners
October 16, 2020
In this episode we are joined by Hani Banayoti (hani.banayoti@cybersolace.co.uk) from Cyber Solace to discuss the ways in which the cyber insurance market has changed over the last ten years. We look at the drivers towards organisations choosing to pay for cyber insurance, it's role in helping them keep the lights on if they are breached and the trends with regard to ransomware and GDPR.
The Cyber Security Transformation Podcast - EPISODE 13 - Why it’s important for CISOs not to get lost firefighting
Corix Partners
October 09, 2020
Incoming CISOs clearly have to identify and put out fires. In this episode we discuss why many CISOs get stuck in this phase. We look at ways to enable transformative change.
The Cyber Security Transformation Podcast - EPISODE 12 - Why Should Security and Privacy be Included in the MVP of Startups
Corix Partners
October 02, 2020
We discuss why it’s important to think carefully about how to ensure the Minimum Viable Product (MVP) software written by startups pays attention to the requirements of privacy and security
The Cyber Security Transformation Podcast - EPISODE 11 - How to Address the Proliferation of Security Tools
Corix Partners
September 25, 2020
Chris Burtenshaw, CEO of Strata Security joins us to discuss how many organizations have far too many security products and how to address the complexity and management overhead they often bring.
The Cyber Security Transformation Podcast - EPISODE 9 - Where are we with GDPR?
Corix Partners
September 04, 2020
Given the financial strain caused by COVID-19 which has been especially severe on the hospitality and airline sectors the likelihood of large fines being imposed on Marriot and BA looks low - what does this mean for compliance?
The Cyber Security Transformation Podcast - EPISODE 7 - Ransomware: Key Elements to Bear in Mind and How to Respond
Corix Partners
August 07, 2020
The threat to business continuity posed by malicious actors using ransomware isn’t new but it’s causing pain to many. The most recent high profile attack was on Garmin - a company Steve relies upon to help with his marathon training
The Cyber Security Transformation Podcast - EPISODE 6 - The Importance of Data Privacy
Corix Partners
July 24, 2020
In this episode we discuss the need for privacy to be carefully considered and for appropriate controls to be applied together with the challenges for GDPR regulators in light of the COVID pandemic.
The Cyber Security Transformation Podcast - EPISODE 5 - Does the Role of the Virtual CISO Make Any Sense?
Corix Partners
July 17, 2020
Faced by constant reports of cyber-attacks in the media, most small and medium-size organisations have woken up to the reality of cyber threats over the past few years. Many still don’t really know what to do to protect themselves and turn to “virtual CISO” services for assistance. While this is better than doing nothing or relying blindly on the security of cloud providers, those externalised, part-time services – often delivered remotely – are rarely the magic bullet they pretend to be…
The Cyber Security Transformation Podcast - EPISODE 2 - Ensuring Security and Privacy for Bespoke Software
Corix Partners
June 26, 2020
We discuss the challenges of ensuring that code that’s written either in-house or commissioned from a third party follows the Security Development Life Cycle
The Cyber Security Transformation Podcast - EPISODE 1 - COVID-19, Cyber Security and Budgets
Corix Partners
June 19, 2020
A weekly independent podcast with a different take on what’s happening in the cyber security industry: Drawing on decades of real-life experience, JC Gaillard, Steve Lamb and their guests share their views in a weekly podcast on both the interesting news stories and their own experiences of the week.
15 Ways To Leverage And Supplement AI In Your Cybersecurity Efforts
Forbes
May 05, 2022
Leaders need to ensure that sensitive information cannot be breached and that important data remain protected. Artificial intelligence can be an incredibly helpful tool in a company's arsenal for warding off cyber threats. A panel of Forbes Business Council members named 15 things a business leader can do to leverage and supplement AI capabilities for cyber security.
On A Budget? Follow These 15 Affordable Content Marketing Strategies
Forbes
April 27, 2022
To help entrepreneurs maximize their efforts without breaking the bank, 15 members of Forbes Business Council shared their most engaging, affordable content marketing strategies to try out.
Fortune 500 CISOs Play Musical Chairs
Cybercrime Magazine
August 27, 2021
Surging damages from cybercriminal attacks have driven the salaries of information security officers (CISOs) through the roof, with some companies offering seven-figure salaries to attract the right talent. So why is it so hard to keep CISOs in the job?
Jean-Christophe Gaillard, managing director and founder of management consultancy firm Corix Partners, believes many CISOs have suffered from a lack of role definition and support by company executives that are often all too happy to leave the CISO holding the bag when things go wrong.
“Many CISO positions were created in response to rampant cyber threats across the last decade in industries which never had such roles in place,” he argues.
“They were created tactically with the operational objective of preventing breaches, by senior executives who didn’t really understand the context and the transversal complexity involved in the cyber protection of large organizations.”
This had left CISOs fighting perpetually in reactive mode, and prevented them from developing the leadership and management skills needed to make the CISO role more strategic and high-level.
“Many CISOs struggled with limited resources and constant attacks, and never managed to build a meaningful narrative with management beyond mere firefighting,” Gaillard explains. “They were prevented from developing the softer skills, the personal gravitas, the political acumen, which are key to delivering complex initiatives in large firms.”
Cybersecurity Leadership: The Secret Sauce for the CISO
Irish Management Institute
March 23, 2023
JC Gaillard, Founder & CEO, Corix Partners, was invited by the Irish Management Institute to present on 23 March 2023 as part of they Cyber Leadership programme.
His presentation revisited his 2022 series of articles on cybersecurity leadership and in particular, the theme developed here in this Medium interview.
The session was hosted by Anna Connolly, and overall coordinated by Ciara Kissane and Tony Moroney.
The IMI Cyber Programme is delivered in association with Cyber Ireland, and supported by IT@Cork Skillsnet.
Cyber Security: A Look Across Two Decades - Cyber Security Leadership Summit, Berlin, Germany - Nov 12-14 2019
Kuppinger Cole
November 14, 2019
Research released by The Security Transformation Research Foundation at the Cyber Security Leadership Summit in Berlin on 12-14 November 2019, highlights significant trends in the way the language of security has evolved across the last 2 decades.
Security and Privacy in the "When-Not-If" Era - EIC 2019, Munich, Germany - May 14-17 2019
Kuppinger Cole
May 15, 2019
Beyond a mere equation between risk appetite, compliance and costs, cybersecurity is becoming a matter of good corporate governance, good ethics, and quite simply – good business. The Board, which is ultimately accountable for cyber resilience, must own it and drive it as a key pillar of any firm Environmental, Social and Governance (ESG) strategy
Three Factors Marginalising the Historical Role fo the CISO - Cyber Security Leadership Summit, Berlin, Germany - Nov 12-14 2018
Kuppinger Cole
November 14, 2018
Far from being reinforced by the constant avalanche of cyberattacks and data breaches of the past few years, the CISO role is still rarely a true C-level function and is being marginalised by a number of long term trends: Is the CISO an outdated concept? And what to do about it?
Why are we still talking about the reporting line of the CISO? - SASIG, London, UK - May 8 2018
SASIG
May 08, 2018
Why are so many organisations and security professionals still worried about the reporting line of the CISO? This is one of the oldest and most consistent debate agitating the security industry, and it looks far from resolved.
"Rethinking and Rewiring Infosec": How Large Firms Must Approach Cyber Security Challenges - Digital Finance World, Frankfurt, Germany - Feb 28 / Mar 1 2018
Kuppinger Cole
February 28, 2018
Looking back at the cybersecurity events of the last year, what they can teach us from a management perspective, and how to build an effective and efficient cybersecurity practice for the current age, looking beyond the technology horizon, into strategy, governance, corporate culture and the real dynamics of transformation
Cyber Security Organisation and Governance > Rethinking and Rewiring Infosec - London, UK - Sep 28 2017
CIO Water Cooler
September 28, 2017
It is true that it is one thing – complex enough – to lead and deliver the cyber security transformation of an organisation that has reached the point where it knows it needs to change, but it is another one – equally complex – to create the condition for such realisation to take place.
Towards an integrated and structured GRC reporting model for digital and cyber risk
Corix Partners / Institute of Risk & Compliance
March 09, 2023
Watch our Founder & CEO JC Gaillard talk (in French) at an IRC (Institute of Risk & Compliance) event in Paris on 9 March 2023 around integrated risk and compliance reporting and how to make GRC work in real life
The event was focused on the introduction of the DORA regulation and other speakers included Laure Mazzoleni-Robin, Legal and Compliance Director, Groupama Asset Management and Thomas Hutin, Senior Managing Director – Head of Cybersecurity, France, FTI Consulting.
How to manage the mounting cyber security technical debt?
Corix Partners
November 11, 2022
Watch a replay of this video presentation on 10 November 2022 at the Cyber Security Leadership Summit 2022
With survey after survey highlighting the toll taken by toolkit proliferation on SOC efficiency and analysts mental health, have we come to the point where organisations have to stop buying more tech for the sake of it and start focusing on the decluttering of their cyber security landscape?
The talk, enhancing the session at Digital Leaders Week with Chris Burtenshaw, CEO, Strata Security, in June 2022, elaborates on the topic and highlights the backbone of the “sipral of failure” around cyber security in many large firms.
How to manage the mounting cyber security technical debt?
Corix Partners
June 23, 2022
Watch a replay of this video presentation on 23 June 2022 at the Digital Leaders Week
JC Gaillard and Chris Burtenshaw from Strata Security explore the dynamics which have driven large organisations over the past 2 decades towards buying more and more security tech, and what can be done today to help them make the most of what they have, in a context of escalating threats and increasing skills scarcity
The CybersecurityInsider Episode 26 - JC Gaillard - Founder & Managing Director - Corix Partners
The CybersecurityInsider
January 19, 2022
Yigal and JC look back at a number of cybersecurity subjects ranging from security in the Cloud, to Supply Chain & MSP, Digital Transformation, Shadow IT and much more...
Looking Back at the Reporting Line of the CISO
Corix Partners
November 14, 2021
Watch a replay of my talk on 11 November 2021 at the Cyber Security Leadership Summit 2021 here on the Corix Partners YouTube channel
The reporting line of the CISO seems to be one of the oldest topic of discussion amongst cyber security professionals, but why are we still here talking about it ???
The right reporting line is the one that works. Period.
Cyber Security: The Operational Illusion
Corix Partners
November 11, 2021
Watch a replay of my talk on 11 November 2021 at the Cyber Security Leadership Summit 2021 here on the Corix Partners YouTube channel
Security culture and governance eat tech for breakfast: Only the embedding of security values in corporate culture and corporate governance can drive the transformative efforts around cyber security, that will lead ultimately to effective cyber resilience.
In Conversation with JC Gaillard, Cybersecurity Specialist and Founder of Corix Partners
Edutec Alliance
August 17, 2021
Watch JC Gaillard talk to Glaucia Rosas from the Edutec Alliance about the importance for school leaders to understand cyber issues that can affect schools and shares corporate best practices that they can adopt to avoid data breach and ransomware attacks.
The Cyber Security Skills Gap: Real Problem or Self-Inflicted Pain ?
Corix Partners
November 10, 2020
Watch a replay of my talk on 10 November 2020 at the Cyber Security Leadership Summit 2020 here on the Corix Partners YouTube channel
You don’t have to go far these days to find security professionals complaining about skills shortages, and countless media outlets relaying their views. But there are at least two sides to this argument and the situation requires a more balanced approach. The security industry needs to rebuild its narrative to attract more raw talent at all levels.
Budgeting for Cyber Security post-COVID: Three Golden Rules for the C-Suite
Corix Partners
October 14, 2020
Watch a replay of my talk on 14 October 2020 at the Digital Leaders Week here on the Corix Partners YouTube channel
The COVID crisis is presenting most businesses with unprecedented situations – for good, bad or worse. One thing the pandemic has not pushed off the radar, is cyber security. As a matter of fact, the volume of cyber-attacks increased to “alarming levels” according to Interpol during the heart of the crisis. For businesses now totally dependent on remote working, e-commerce or digital supply chains, a serious security breach is the last thing they want… CEOs, CFOs and CIOs should not jump to ready-made conclusions around cyber security ahead of their next budgeting round. The talk is focused on three golden rules for them to consider as they plan ahead.
The State of Cyber Security
CIO Water Cooler
December 16, 2019
David Savage from TechTalks sits down with Jean-Christophe Gaillard on the CIO Water Cooler TV, as he reflects on over 20 years of growth in the cybersecurity sector: How the cybersecurity model has changed from one of risk and compliance to real-life inevitability.
Are we spending enough on Cyber Security?
Corix Partners
June 15, 2019
Jean-Christophe Gaillard, Managing Director and Founder, Corix Partners talks to Karla Reffold about what makes a good CISO. He explains that companies are now asking “Are we spending enough on Cyber Security?” and that a good CISO needs to be able to articulate security in the language of all the business stakeholders.
Cyber Security and the Post-Covid Challenges
Telecom Paris Alumni
November 29, 2022
Co-facilitation of this webinar with Telecom Paris Alumni as a follow up with various authors to our editorial work on issue #206 of the Alumni Magazine ("Revue Telecom")
From Cyber Security to Cyber Resilience
Telecom Paris Alumni
April 13, 2022
Co-facilitation of this webinar with Telecom Paris Alumni on cyber resilience, what it means in relation to cyber security, how it can be articulated with enterprise operational resilience, and why it has surged to such prominence over the past 2 years
Organization Reporting Lines to Optimize Information Security
Association for Data and Cyber Governance
October 27, 2021
Watch a replay of this Webinar organised in partnership with the Association for Data and Cyber Governance on 27 October 2021 here on the Corix Partners YouTube channel
The topic of the reporting line of the CISO is probably one of the oldest topics of discussion amongst cyber security communities. But why are we still here talking about it? JC Gaillard, from Corix Partners, looks back at his experience of over 20 years on the matter and his various publications on the theme and explains why the right reporting line is key to success for the CISO but separation of duties considerations cannot rule alone.
COVID-19, Remote Working and Cyber Attacks: What really matters...
CIO Water Cooler
April 15, 2020
A Q&A session in the light of the COVID-19 crisis, with CIO Water Cooler Expert Contributor and Corix Partners founder JC Gaillard, and ex PwC consultant and head of cyber consulting for Europe at Rapid7 Steve Lamb
The end of IT security as we know it
1E
June 28, 2017
We need to improve IT security, while speeding up responsiveness to business demands. All too often, IT Security is viewed as an impediment. It seems that the extreme choices are to have fluid business operations that are wide open to attack or to have highly secure businesses that are slowed down by the weight of complex security measures. Forrester’s call for a “Zero Trust” environment will cripple normal business operations unless the ability to permit access to data and systems is automated to a degree where security doesn’t get in the way of business operations and “fluidity”. As IT professionals, we need to find the middle ground.
The Cyber Security Skills Gap: Real Problem or Self-inflicted Pain?
Corix Partners
December 15, 2021
You don’t have to go far these days to find security professionals complaining about skills shortages, and countless media outlets relaying their views.
But there are at least two sides to this argument and the situation requires a more balanced approach. The security industry needs to rebuild its narrative to attract more raw talent at all levels.
The Role of the CISO in a Digitally Transformed Organisation
techUK
December 02, 2021
techUK launches the second report in its Cyber People Series. The Role of the CISO in a Digitally Transformed Organisation highlights the complexities surrounding the role of the Chief Information Security Officer (the CISO). In this new report, we explore what the CISO should be focusing on in an era where every organisation is a technology organisation, as well as touching on the key attributes of a successful CISO – leadership, strategy, technical, and governance.
The Way Forward with Cyber Security Target Operating Models: A Plan of Approach for Senior Executives
Corix Partners
November 08, 2021
Many large organisations across all industries face the same challenges around cybersecurity and privacy: Growing regulatory demands, compounded by escalating cyber threats and skills shortages, and a business landscape dominated by the COVID pandemic and its aftermath.
Very often, their cyber security operating model has simply grown organically over the years and needs re-engineering or re-structuring:
- to bring it in line with evolving regulatory frameworks;
- to align it with industry best practices in terms of three lines of defence and risk management;
- and fundamentally, to give senior executives assurance that their business remains adequately protected from cyber threats across people, process and technology levels.
So what are the best ways to move forward with a cyber security operating model re-engineering programme?
Cross Industry Best Practice Benchmarking for Schools
Edutec Alliance
July 07, 2021
Delighted to have had the opportunity to contribute the cyber security section of the guide. The guide is designed to assess how well schools are doing against global best practice in terms of strategy, people, process, applications ecosystem, technology infrastructure, data, cyber security and project management.
The first report in this techUK Cyber People Series explores how CISOs should engage at C-Suite and Board level. As cyber security increasingly underpins and enables business growth across all sectors, and enables the Fourth Industrial Revolution to gather pace, the CISO function must seek to educate, garner and leverage support from the C-Suite and Board levels to drive change across their organisations.
Building a Vendor Risk Management Practice that Delivers Real Value
Corix Partners
November 20, 2020
A totally updated version of our 2015 white paper on this topic.
As the COVID crisis makes most businesses dependent on third-parties and cloud services, keeping a firm grip on vendor risk becomes essential.
More than ever before, keeping things simple, working in the context of each relationship and focusing efforts on key vendors are fast becoming key success factors for any vendor risk management programme.
Cyber Security: Not just an Equation between Risk Appetite, Compliance and Costs
Corix Partners
November 16, 2020
An update to the 2019 version of this white paper, originally published in collaboration with The Security Transformation Research Foundation.
The COVID crisis has changed very little around the cyber security fundamentals, and established good practices – some known for decades – continue to provide protection, as long as they are properly implemented acrosss the real depth and breadth of the modern enterprise.
But the pandemic has made most businesses and most of us heavily dependent on digital services, which in turn rely entirely on digital trust.
Now more than ever, cyber security – as a cornerstone of digital trust – is becoming a matter of good corporate governance, good ethics, and quite simply – good business.
COVID-19, Remote Working and Cyber Attacks
Corix Partners
April 06, 2020
The COVID-19 pandemic has forced governments to introduce a degree of social distancing which makes people entirely reliant on digital services.
Remote working creates new security imperatives around the way staff collaborate and share information (and around the way cyber security teams need to operate). At the same time, cyber criminals are targeting the disorganisation created by the crisis and negligent practices and cyber threats are at an all times high.
More than ever, good security and privacy practices are key to KEEPING THE LIGHTS ON.
Security Dashboards, Metrics and Data - Management Insights to see through the Maze
The Security Transformation Research Foundation
February 20, 2020
Communicating and driving real engagement with senior stakeholders around cyber security has always been one of the most complex aspects of the CISO role.
As digital estates become increasingly complex, attack surfaces are multiplied, and most organisations face the same challenge: How do we make sense of the data we have to protect ourselves from cyber threats and drive real action around cyber security?
The Security Transformation Research Foundation, together with Corix Partners, Strata Security and a number of experts, have analysed the complex interactions between security data, metrics and dashboards and offer a number of management insights in a whitepaper which can be downloaded here.
Cyber Security: A Look Across Two Decades
The Security Transformation Research Foundation
November 07, 2019
Research by The Security Transformation Research Foundation highlights significant trends in the way the language of security has evolved across the last 2 decades. The Foundation analysed the semantics content of 17 annual “Global Information Security Surveys” from leading firm EY, spanning the period 2002-2018. By looking at the frequency of keyword markers and how those frequencies have evolved over time, the research puts in evidence a clear demarcation between 2 periods.
Cyber Security: Not just an Equation between Risk Appetite, Compliance and Costs
The Security Transformation Research Foundation
January 15, 2019
Cyber security is becoming a matter of good corporate governance, good ethics, and quite simply –good business > Key factors for boards and executive management to consider in 2019
Internet of Things, Big Data, Cloud: Take Security and Privacy seriously to stay in the game
Corix Partners
December 03, 2015
The convergence of IoT, Big Data and Cloud Computing technologies is opening up a very large number of possibilities in terms of new digital products and services. But for the short-term, at the intersection of technologies and in the midst of the proliferation of (often immature) use cases, the privacy of consumers has become vulnerable. And fundamental cybersecurity principles – if ignored – will lead to breaches and data losses that may damage further consumer confidence.
Cyber Security Focus to Shift from Risk Management & Firefighting towards Transformation & Execution
Date : July 30, 2020
As we look towards the next decade, the Security industry must pivot towards a clearer execution focus: Security cannot be seen any more JUST as a matter of risk appetite or as a box-checking exercise; equally, constant firefighting is no longer sufficient as the “when not if” paradigm takes root in the boardroom and senior executives demand real results, often in exchange of very significant investments. Security must become a delivery imperative, and where existing maturity levels are low, the CISO must become a true transformational leader.
The Corix Partners Friday Reading List - Feb 24, 2023
Thinkers360
February 23, 2023
Top 10 Leadership and Management links of the week, curated by JC Gaillard, focusing on cyber security of course, but also a large cross section of subjects including digital transformation, emerging tech, ESG governance and the future of work