Alternative Thinking

This is the spirit which motivates us and shapes our activities.

Looking beyond the technical horizon into strategy, organisation, governance, resilience, corporate culture and the real dynamics of large organisations to deliver real long term protection and value.

We always look for contrarian angles to analyse situations and solve problems, and place cross-silos thinking at the core of everything we do in a constant fight against industry inertia and the attitude that consists of defaulting to ready-made solutions.

We also curate the Security Transformation Leadership publication on Medium : Delivering a challenge and an alternative view on common practices in the CyberSecurity space to help the Industry move forward

Please contact us for more details

lost decade cyber security 2021

Cyber Security: The Lost Decade – 2021 Edition


Why large organizations still struggle with decade-old security problems – and how to fix them

A selection of key cyber security articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015 and an update to our 2020 edition.

88 easy to read, bitesize articles grouped by themes, covering all key managerial aspects around information security, from the reporting line of the CISO to the role of the Board, and how to make it work in real life, including an updated section on the COVID pandemic and its implications over the short and mid-term.

They offer a truly alternative view on how to organise and manage cyber security in large firms, inspired by the direct field experience of their author JC Gaillard, former CISO and leading consultant, cyber security expert and global influencer on the topic.

Download
lost decade cyber security 2020

Cyber Security: The Lost Decade – 2020 Edition


Why large organizations still struggle with decade-old security problems – and how to fix them

A selection of key cyber security articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015 and an update to our 2019 version.

74 easy to read, bitesize articles grouped by themes, covering all key managerial aspects around information security, from the reporting line of the CISO to the role of the Board, and how to make it work in real life, including a full new section on the COVID pandemic and its implications.

They offer a truly alternative view on how to organise and manage cyber security in large firms, inspired by the direct field experience of their author JC Gaillard, former CISO and leading consultant and expert on the topic.

Download
security dashboards metrics data

Security Dashboards, Metrics and Data


Management Insights to see through the Maze

Communicating and driving real engagement with senior stakeholders around cyber security has always been one of the most complex aspects of the CISO role.

As digital estates become increasingly complex, attack surfaces are multiplied, and most organisations face the same challenge:

How do we make sense of the data we have to protect ourselves from cyber threats and drive real action around cyber security?

The Security Transformation Research Foundation, together with Corix Partners, Strata Security and a number of experts, have analysed the complex interactions between security data, metrics and dashboards and offer a number of management insights in a whitepaper which can be downloaded here.

Download
Language of Security

Cyber Security: A Look Across Two Decades


The Security industry talks a lot about what could go wrong … but not so much about how to improve things

Research by The Security Transformation Research Foundation highlights significant trends in the way the language of security has evolved across the last 2 decades.

The Foundation analysed the semantics content of 17 annual “Global Information Security Surveys” from leading firm EY, spanning the period 2002-2018.

By looking at the frequency of keyword markers and how those frequencies have evolved over time, the research puts in evidence a clear demarcation between 2 periods.

Download
lost decade cyber security 2019

Cyber Security: The Lost Decade – 2019 Edition


Why large organizations still struggle with decade-old security problems – and how to fix them

A selection of key cyber security articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015 and an update to our 2018 version.

63 easy to read, bitesize articles which cover all key managerial aspects around information security, from the reporting line of the CISO to the role of the Board, and how to make it work in real life and offer a truly alternative view on how to organise and manage cyber security in large firms, inspired by the direct field experience of their author JC Gaillard, former CISO and leading consultant and expert on the topic.

Download
cyber security ESG

Cyber Security: Not just an Equation between Risk Appetite, Compliance and Costs


Cyber security has risen as a key issue on the radar of virtually all organisations. As a recent AT Kearney report suggests, cyber-attacks have been topping executives’ lists of business risks for three straight years. In fact, the overwhelming majority of organisations have experienced some form of cyber-attack at some point over the past few years.

As every enterprise is becoming more and more data-driven, it is key for the Board to realize that cyber security is becoming a central tenet both of its core business and of its social impact and governance strategies.

A way to achieve this could be to frame cyber security as a formal and integral part of a company’s Environmental, Social and Corporate Governance (ESG) strategy, and this is the proposition the Security Transformation Research Foundation analyses in its latest White Paper.

Download
lost decade cyber security 2018

Cyber Security: The Lost Decade – 2018 Edition


Why large organizations still struggle with decade-old security problems – and how to fix them

A selection of key cyber security articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015 and an update to our 2017 version.

52 easy to read, bitesize articles which cover all key managerial aspects around information security, from the reporting line of the CISO to the role of the Board, and how to make it work in real life and offer a truly alternative view on how to organise and manage cyber security in large firms, inspired by the direct field experience of their author JC Gaillard, former CISO and leading consultant and expert on the topic.

Download

GDPR: What to expect up to May 25th and beyond


Throughout 2017, the GDPR has been successful in bringing up to the attention of boards,  senior and middle management a range of security and privacy issues which had not been properly on their radar up to now.

But the regulation is genuinely complex and “compliance” remains an elusive concept for many firms.

Faced with widespread issues, the attitude of regulators will be key throughout 2018 and will be the main force shaping up the next steps.

Corix Partners, together with Arsia Mons, DA Resilience, Next World Capital, Wise Partners and a number of experts, have analysed the impact the GDPR has had so far, and offer key insights on what can be expected up to May 25th and beyond in this whitepaper.

Download
cyber security the lost decade

Cyber Security: The Lost Decade


This is a compilation of the best cyber security management, organisation and governance articles published on the Corix Partners blog between 2015 and 2017. They offer a truly alternative view on how to organise and manage security in large firms, inspired by the direct field experience of their author JC Gaillard, former CISO and leading consultant and expert on the topic. 35 easy to read, bitesize articles which cover all key managerial aspects around information security, from the reporting line of the CISO to the role of the Board, and how to make it work in real life.

Download

GDPR: A Catalyst to Drive Real Action around Privacy and Security


Over the past 6 months, social media and the Internet have been inundated with GDPR-related material. Law firms, consultancies – large and small – and even tech firms have all jumped on what they perceive to be a lucrative band wagon. And indeed, the regulation has the potential to be a catalyst to drive real action around security and privacy.

But at the same time, it is key to put things in perspective and look beyond a few very simplistic clichés.

Corix Partners, together with DA ResilienceNext World CapitalWise Partners in Paris and a number of experts, have analysed the impact the GDPR can have around privacy and security, and is offering a real-life perspective in a whitepaper.

Download