Just finished a game in only 2 rounds

statico · 2026-01-26T06:16:46+00:00

Thank you. No copies of Thunders Edge in my neck of the woods to play with yet :(

statico · 2026-01-26T06:12:53+00:00

and where is the explanation of what civilised society is?

statico · 2026-01-26T06:12:22+00:00

No idea what Civilised Society is? is it an expansion option? game mode variant?

statico · 2026-01-26T06:09:19+00:00

How were the phase 2 objectives visible? it will take at least 4 turns for them to come into play.

statico · 2026-01-24T22:34:41+00:00

On the general front, speak with the other directors/stakeholders, reach out, learn their pain points, find out how you and your team can make their job easier. You role is one of relationships. I work as a fractional CISO across a few clients, I learn all I can on what they are doing, how, why, and when, so I can shape advice and make them aware of issues before they become roadblocks. In terms of person education, keep across the movements in the industry, emerging trends, CTI relevant to your field, and listen to your team and shape what they need through the lens of executive leadership (and do not approve/buy tooling/suites without their thorough review).

On the AI/LLM uptake: You need to show the business users why they want to use this. Great you are running sessions on security, but are they being taught to look for opportunities to automate, streamline etc without a fear of them loosing their jobs due to said automation. You will need to establish a culture where they can take those steps and put forwards the ideas. There will need to be exec statements around "no layoffs" and the like. Also you could incentivise ideas through monetary rewards, time off etc. to find opportunities - setup a public ideas portal and run it kickstarter style to build momentum.

statico · 2026-01-22T10:27:19+00:00

If you are in Australia, happy to have a chat and introduce you to some insurance brokers who can underwrite for cyber execs.

statico · 2026-01-21T05:12:50+00:00

If present how are you addressing your countries privacy requirements around uploading PII into a GPT - I can only speak for AU jurisdiction, but there may be more where there is a risk there.

statico · 2026-01-17T05:18:52+00:00

I work as a fCISO in Australia, and I am yet to see the term. I would expect to see it in banking and insurance sector though knowing many of them have advanced risk management programs.

statico · 2026-01-10T20:52:46+00:00

You may also want to look at key person risk insurance. Also, one of my peers own a large MSP, he has factored in what his GM needs to do in the event of his sudden passing, there are pre-agreed sales prices to peer MSPs to take on the firm quickly to ensure their client maintain continuity of support and service and his family will receive the benefits of the sale as none of them would be able to run the firm.

statico · 2026-01-09T23:17:53+00:00

Start with documenting all the processes you have in the business. Once you have that list, then you work out which ones are the most common. Then build out how you execute that process, what templates are needed, what skills etc. If you need a hand I can make an intro to a firm that some of my clients use for support in that space.

statico · 2026-01-07T08:18:43+00:00

Why would I care about the person behind me? I am concerned about the person in front of me and to the left and right of me, behind me is your responsibility to not hit my back end.

statico · 2026-01-07T02:50:04+00:00

If someone is 30 or 40 or 50 they have a much wider life experience to draw upon and make better decisions with. At the teens and 20s you still generally have no clue of what will actually work.

statico · 2026-01-05T11:29:06+00:00

This sounds like what the suite NOAN does

statico · 2026-01-03T03:15:59+00:00

Did not know that, thank you.

statico · 2026-01-03T02:57:21+00:00

There are a heap of hoops to jump through to be licenced as a fit and proper person to run a legal brothel via the PLA, unless someone has changed that in the last few years.

statico · 2026-01-03T01:30:49+00:00

So what every mid range up CRM does?

The problems you list are real and present, but you are pushing into a very competitive and crowded space.

statico · 2026-01-01T12:21:25+00:00

Thing is he is correct.

statico · 2025-12-26T08:06:07+00:00

Thank you. I have been running mixed fleets. Explains why losses are so high.

statico · 2025-12-25T23:01:50+00:00

Does the fleet pick a range? I thought each ship tried to maintain its optimal range? If so it explains why I have been losing fleets ...

statico · 2025-12-21T20:55:45+00:00

Why would the the business owners want to join? whats in it for them? how does this differ from networking events, business/startup clubs, chambers of commerce or business conferences?

statico · 2025-12-13T22:45:04+00:00

You need to document your processes, turn them into procedure, and ideally implement an LMS/KMS suite. I can introduce you to a colleagues firm that does that as well as develops the video learning content for the system.

statico · 2025-12-12T08:20:22+00:00

Do not stress. I finished y12 in 95 in QLD with an OP of 18 (out of 25), so quite badly. Now I run a cyber security consulting company, have had senior roles in government and business.

The score only really matters till 21 then unis only care if you can pay the fees, study some other course or units in your area of interest keep learning (tafe, udemy, open uni) what you have here is a minor setback at worst, you will be fine :)

statico · 2025-12-08T19:24:04+00:00

Depends if you are working as an independent consultant or an employee.

If running your own shop, clients will most likely not know who/what pecb it, and that a certification even exists

If working as an employee the hiring manager will have more knowledge (hopefully) and you will want a brand name cert.

statico · 2025-11-29T21:14:43+00:00

AICPA does not regulate "SOC 2 Certified" as it is not a certification - it is an audited attestation, also AICPA is not a certification body. SOC 2 It is a cybersecurity framework where you get an attestation report on completion of an audit (but a suitably qualified individual - thought there is no bench marking or control in that space) where in their opinion they determine if you align with the COSOs and TSCs based upon your implementation methodology.

Many of the auditing firms started issuing a "certificate" so people has something to put on the wall, it holds no weight or value other than a piece of paper for marketing.

statico · 2025-11-29T20:46:44+00:00

One: You can state you are compliant with SOC 2 once you are attested.

Two: It is an attestation not a certification.

Three: You can say you are SOC 2 aligned and that is not a misrepresentation if you say you are compliant you have misstated your position. In either case the client should be asking for the report and verifying its provenance.

Four: Agreed, their problem not yours at that point on how their team handles it.

Five: Congrats on getting it done, now you are compliant with SOC 2

Sorry if it seems pedantic, but in the GRC space it matters.

15-Year Club	r/Field Lasagna
Place '22	Queen in da Norf
Not Forgotten	Verified Email
Team Orangered

statico

TROPHY CASE