Niel Harper
@noaharper.bsky.social
'Digital Trust' Leader || Non-Executive Director || Internet Rights Advocate || Opinions my own / Likes ≠ endorsements
Personal blog: https://nielharper.com
Personal blog: https://nielharper.com
'Why CISOs Must Fight Back Against Scapegoating' This is why the average CISO tenure is 18-24 months: poor tone from the top, unrealistic expectations, inadequate resources, accountability without authority, regulatory & legal pressure, and poor corporate culture bit.ly/3O17X9U #cyber #resilience
#security #resilience #tonefromthetop #ciso #regulation | Niel Harper
Why CISOs Must Fight Back Against Scapegoating
- CISO ignores red flags in recruitment where business leaders repeatedly mention their "unique developer culture" ❗
- CISO joins a billion-dollar com...
bit.ly
February 7, 2026 at 11:42 AM
'Why CISOs Must Fight Back Against Scapegoating' This is why the average CISO tenure is 18-24 months: poor tone from the top, unrealistic expectations, inadequate resources, accountability without authority, regulatory & legal pressure, and poor corporate culture bit.ly/3O17X9U #cyber #resilience
It was a great experience participating in the Cybersecurity & Data Privacy Virtual Summit 2026 this week. We touched on the technical and strategic responses to a breach as well as several topics of critical importance to cyber capacity building in the Global South #globalsouth #cybersecurity
February 7, 2026 at 11:34 AM
It was a great experience participating in the Cybersecurity & Data Privacy Virtual Summit 2026 this week. We touched on the technical and strategic responses to a breach as well as several topics of critical importance to cyber capacity building in the Global South #globalsouth #cybersecurity
'The Dangers of Relying on Security Theater' - Companies from small to large claim that cyber security is important, but instead they're caught up playing tickbox compliance. In my newest blog, I discuss 6 signs of a “Theatrical” security posture: bit.ly/4bvwvSc #cybersecurity #digitaltrust
The Dangers of Relying on Security Theater
In 2026, phrases like “We take security seriously” or “Your security is important to us” have become the ultimate red flags. When companies lead with these lines in their PR…
bit.ly
February 1, 2026 at 6:10 PM
'The Dangers of Relying on Security Theater' - Companies from small to large claim that cyber security is important, but instead they're caught up playing tickbox compliance. In my newest blog, I discuss 6 signs of a “Theatrical” security posture: bit.ly/4bvwvSc #cybersecurity #digitaltrust
ISACA has been officially authorized by the U.S. government as the exclusive CAICO (CMMC Assessor and Instructor Certification Organization). Learn more at: www.isaca.org/cmmc #cmmc #thirdpartyriskmgmt #security #resilience #digitaltrust
December 17, 2025 at 7:00 PM
ISACA has been officially authorized by the U.S. government as the exclusive CAICO (CMMC Assessor and Instructor Certification Organization). Learn more at: www.isaca.org/cmmc #cmmc #thirdpartyriskmgmt #security #resilience #digitaltrust
Wrapped up Day 2 of Black Hat MEA participating in a Fireside Chat with two amazing security leaders Trina Ford and Priya Mouli. We talked about the promise of agentic AI and the underlying risks that businesses and cyber professionals need to address. #BlackHatMEA #AgenticAI #DefenseinDepth
December 5, 2025 at 9:50 AM
Wrapped up Day 2 of Black Hat MEA participating in a Fireside Chat with two amazing security leaders Trina Ford and Priya Mouli. We talked about the promise of agentic AI and the underlying risks that businesses and cyber professionals need to address. #BlackHatMEA #AgenticAI #DefenseinDepth
Yesterday at Black Hat MEA, my first deep dive session of the day focused on "Ransomware as a Service (RaaS) from code to cartel" - We explored the evolution of ransomware into today's organized, profit-centered, multi-disciplinary threat collectives #BlackHatMEA #RaaS #Cybercrime
December 5, 2025 at 9:47 AM
Yesterday at Black Hat MEA, my first deep dive session of the day focused on "Ransomware as a Service (RaaS) from code to cartel" - We explored the evolution of ransomware into today's organized, profit-centered, multi-disciplinary threat collectives #BlackHatMEA #RaaS #Cybercrime
'Why the Current Debate on the UK Digital ID ("BritCard") is Misleading' - Modern digital ID architectures are secure and privacy enabling by design bit.ly/3KAAHo7 #privacy #security #privacyrights #digitalid
Why the Current Debate on the UK Digital ID (“BritCard”) is Misleading
The current negative debate about the BritCard is misleading because it largely relies on outdated assumptions about technology and centralization, ignoring the fundamental privacy safeguards that …
bit.ly
October 4, 2025 at 7:41 PM
'Why the Current Debate on the UK Digital ID ("BritCard") is Misleading' - Modern digital ID architectures are secure and privacy enabling by design bit.ly/3KAAHo7 #privacy #security #privacyrights #digitalid
'Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking' - Attackers can track the location of buses, access onboard cameras, initiate false emergency/accident alerts, and issue remote commands to critical systems - Yikes! bit.ly/45AwZSx #securitybydesign #threatmodeling #securityarchitecture
Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking
Researchers showed how flaws in a bus’ onboard and remote systems can be exploited by hackers for tracking, control and spying.
bit.ly
August 12, 2025 at 12:31 PM
'Free Wi-Fi Leaves Buses Vulnerable to Remote Hacking' - Attackers can track the location of buses, access onboard cameras, initiate false emergency/accident alerts, and issue remote commands to critical systems - Yikes! bit.ly/45AwZSx #securitybydesign #threatmodeling #securityarchitecture
I am honored to be included in the AuditBoard second annual list of '25 CISOs to Watch', a compilation of the industry's most resilient and innovative minds. Check out the list here: bit.ly/3JlWwHk
August 7, 2025 at 8:51 PM
I am honored to be included in the AuditBoard second annual list of '25 CISOs to Watch', a compilation of the industry's most resilient and innovative minds. Check out the list here: bit.ly/3JlWwHk
'2025 SC Award Winners: Best Professional Certification Program' - ISACA’s CISM certification has been named the Best Professional Certification Program at the 2025 SC Awards - This is testament to the commitment of the organization to delivering excellence! bit.ly/4jzqjJR #digitaltrust #infosec
May 1, 2025 at 7:50 AM
'2025 SC Award Winners: Best Professional Certification Program' - ISACA’s CISM certification has been named the Best Professional Certification Program at the 2025 SC Awards - This is testament to the commitment of the organization to delivering excellence! bit.ly/4jzqjJR #digitaltrust #infosec
'Security leaders shed light on their zero trust journeys' - Moving towards a zero trust architecture is a progressive journey rather than a mere technological shift. Totally enjoyed sharing my experiences with CSO Online bit.ly/4cI2P2C #zerotrust #identitymgmt #endpointsecurity
April 23, 2025 at 2:12 PM
'Security leaders shed light on their zero trust journeys' - Moving towards a zero trust architecture is a progressive journey rather than a mere technological shift. Totally enjoyed sharing my experiences with CSO Online bit.ly/4cI2P2C #zerotrust #identitymgmt #endpointsecurity
I thoroughly enjoyed tag teaming with Safia Kazi to discuss the key findings of the ISACA State of Privacy Survey - Check out the podcast and let me know what you think! bit.ly/41LnIpN #privacy #security #dataprotection #regulations #privacyengineering #AI #digitaltrust
March 7, 2025 at 9:39 AM
I thoroughly enjoyed tag teaming with Safia Kazi to discuss the key findings of the ISACA State of Privacy Survey - Check out the podcast and let me know what you think! bit.ly/41LnIpN #privacy #security #dataprotection #regulations #privacyengineering #AI #digitaltrust
I would like to express my sincere gratitude to Security Magazine for recognizing me as one of the Top Cybersecurity Leaders for 2025 #cybersecurity #corporatesecurity #physicalsecurity #fireandsafety #riskmanagement
March 3, 2025 at 8:06 AM
I would like to express my sincere gratitude to Security Magazine for recognizing me as one of the Top Cybersecurity Leaders for 2025 #cybersecurity #corporatesecurity #physicalsecurity #fireandsafety #riskmanagement
'RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations' - A recent study has unveiled a worrying discovery of over 100 security flaws that can be used to persistently disrupt LTE and 5G implementations bit.ly/42uRbFk #cybersecurity #criticalinfrastructure #LTE #5G
RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations
119 LTE and 5G vulnerabilities disclosed, including 79 in MME and 36 in AMF, risking city-wide disruptions
bit.ly
January 25, 2025 at 12:13 PM
'RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations' - A recent study has unveiled a worrying discovery of over 100 security flaws that can be used to persistently disrupt LTE and 5G implementations bit.ly/42uRbFk #cybersecurity #criticalinfrastructure #LTE #5G
New ISACA Research: 63 Percent of Privacy Professionals Find Their Jobs More Stressful Now Than Five Years Ago - For a deeper dive on the state of privacy, access a complimentary copy of the report and other related content at bit.ly/40po97w #privacy #dataprotection #compliance #regulation
January 22, 2025 at 4:55 PM
New ISACA Research: 63 Percent of Privacy Professionals Find Their Jobs More Stressful Now Than Five Years Ago - For a deeper dive on the state of privacy, access a complimentary copy of the report and other related content at bit.ly/40po97w #privacy #dataprotection #compliance #regulation
'Five Ways Security Professionals Can Start the New Year Strong' - As we step into the new year, it's crucial to gear up for a more secure future. Check out my #DigitalTrust resolutions for 2025 here: bit.ly/4j7qCfj #Cybersecurity #OperationalResilience #CyberCapacityBuilding #NewYear #Resolutions
January 9, 2025 at 9:45 PM
'Five Ways Security Professionals Can Start the New Year Strong' - As we step into the new year, it's crucial to gear up for a more secure future. Check out my #DigitalTrust resolutions for 2025 here: bit.ly/4j7qCfj #Cybersecurity #OperationalResilience #CyberCapacityBuilding #NewYear #Resolutions
In 2024, I focused on transforming digital trust from rhetoric to reality. Whether advising the ITU, serving on the ISACA Board, or leading cyber at Doodle, the message was clear: trust isn't a feature, it's the foundation of our digital ecosystem. Checkout my 2024 LinkedIn Rewind: bit.ly/40lHMNR
January 2, 2025 at 4:23 PM
In 2024, I focused on transforming digital trust from rhetoric to reality. Whether advising the ITU, serving on the ISACA Board, or leading cyber at Doodle, the message was clear: trust isn't a feature, it's the foundation of our digital ecosystem. Checkout my 2024 LinkedIn Rewind: bit.ly/40lHMNR
'When does generative AI qualify for fair use?' - Suchir Balaji, former OpenAI Researcher and Copyright Whistleblower, succinctly explains why generative AI is not 'fair use' - Excellent read! bit.ly/4fnsGwG #ai #llm #fairuse #copyrightinfringement #bigtech #ripsir #thankyou
December 16, 2024 at 3:18 PM
'When does generative AI qualify for fair use?' - Suchir Balaji, former OpenAI Researcher and Copyright Whistleblower, succinctly explains why generative AI is not 'fair use' - Excellent read! bit.ly/4fnsGwG #ai #llm #fairuse #copyrightinfringement #bigtech #ripsir #thankyou
'Cybersecurity: A Dynamic and Impactful Career Field' - I wrote this article for Media Planet outlining why cybersecurity is such a dynamic and impactful career path. Check it out: bit.ly/41tZT6e #workforcedevelopment #cybercapacitybuilding
Cybersecurity: A Dynamic and Impactful Career Field
Strengthening cybersecurity has become one of the most urgent — and universal — needs for both corporations and nations in recent years.
bit.ly
December 10, 2024 at 7:35 PM
'Cybersecurity: A Dynamic and Impactful Career Field' - I wrote this article for Media Planet outlining why cybersecurity is such a dynamic and impactful career path. Check it out: bit.ly/41tZT6e #workforcedevelopment #cybercapacitybuilding
'How the ISACA Board and Executive Management Address Cyber Risk' - Check out my recent blog that discusses the various ways in which leadership addresses #cyberrisk and #corporategovernance at ISACA bit.ly/3D3Oksh
How the ISACA Board and Executive Management Address Cyber Risk
The ISACA Board takes extensive action to understand and address cybersecurity risk while aligning cyber risk management with strategic business objectives.
bit.ly
December 9, 2024 at 6:01 PM
'How the ISACA Board and Executive Management Address Cyber Risk' - Check out my recent blog that discusses the various ways in which leadership addresses #cyberrisk and #corporategovernance at ISACA bit.ly/3D3Oksh
Reposted by Niel Harper
Google’s New Open-Source Patch Validation Tools Vanir Unveiled
Google’s New Open-Source Patch Validation Tools Vanir Unveiled
Google has officially launched Vanir, a groundbreaking open-source security patch validation tool designed to enhance the efficiency and accuracy of patch management.
cybersecuritynews.com
December 9, 2024 at 11:52 AM
Google’s New Open-Source Patch Validation Tools Vanir Unveiled
'Stoli Group USA files for bankruptcy after ransomware attack' - Deficient security controls have consequences bit.ly/41liaT3 #cyberattacks #operationalresilience #cyberriskmgmt
Stoli Group USA files for bankruptcy after ransomware attack
The vodka distributor cited the cyberattack, legal battles with Russia and macroeconomic issues in its filing.
bit.ly
December 5, 2024 at 12:55 PM
'Stoli Group USA files for bankruptcy after ransomware attack' - Deficient security controls have consequences bit.ly/41liaT3 #cyberattacks #operationalresilience #cyberriskmgmt
Reposted by Niel Harper
“We don’t want to be the outlier that proves the rule, we want to be a new set of rules leading the way to a much more open and diverse tech ecosystem,” Signal President @meredithmeredith.bsky.social told WIRED.
With Threats to Encryption Looming, Signal’s Meredith Whittaker Says ‘We’re Not Changing’
At WIRED’s The Big Interview event, the president of the Signal Foundation talked about secure communications as critical infrastructure and the need for a new funding paradigm for tech.
www.wired.com
December 4, 2024 at 4:59 PM
“We don’t want to be the outlier that proves the rule, we want to be a new set of rules leading the way to a much more open and diverse tech ecosystem,” Signal President @meredithmeredith.bsky.social told WIRED.
'Dispelling the Myths of Defense-Grade Cybersecurity' - In this Infosecurity Magazine webinar, I joined an expert group of panelists to uncover the truth behind common misconceptions about defense-grade cybersecurity bit.ly/3D0hDMq #defensegrade #cybersecurity #resilience #privacy
December 5, 2024 at 12:33 PM
'Dispelling the Myths of Defense-Grade Cybersecurity' - In this Infosecurity Magazine webinar, I joined an expert group of panelists to uncover the truth behind common misconceptions about defense-grade cybersecurity bit.ly/3D0hDMq #defensegrade #cybersecurity #resilience #privacy
'The 10 biggest issues CISOs and cyber teams face today' Security leaders - What are the challenges keeping you up at night? Myself and other experts discuss the problems we're grappling with: bit.ly/3OFZDtb #threatlandscape #regulations #supplychainrisks #legalliability #AI #tightbudgets
The 10 biggest issues CISOs and cyber teams face today
From escalating cyber threats to questions about resources and security’s role in the enterprise, cyber leaders are reshaping their agendas to address several key long-standing and emerging concerns.
bit.ly
December 5, 2024 at 12:32 PM
'The 10 biggest issues CISOs and cyber teams face today' Security leaders - What are the challenges keeping you up at night? Myself and other experts discuss the problems we're grappling with: bit.ly/3OFZDtb #threatlandscape #regulations #supplychainrisks #legalliability #AI #tightbudgets