Sapsiwai - Fotolia

David Lacey's IT Security Blog

Information security expert David Lacey discussed the latest ideas, best practices, and business issues associated with managing security.

May 2009

  • Whither Information Governance?

    David Lacey 31 May 2009
  • I had high hopes for the work of the UK parliamentary-industry group EURIM in developing the foundations of Information Governance. With no less than five work streams attended by leading, ...

  • Cyber-security is broader than critical infrastructure

    David Lacey 30 May 2009
  • US President Barack Obama's speech on plans to secure American cyber infrastructure is an encouraging start for developing the long-overdue capabilities that the West needs to safeguard its ...

  • Information Age security

    David Lacey 29 May 2009
  • This month's edition of Information Age magazine carries an insightful review of my book "Managing the Human Factor in Information Security". Information Age is an excellent magazine, which for ...

  • Intrusion detection is alive and thriving

    David Lacey 28 May 2009
  • Back in 2003, Gartner declared that intrusion detection systems were a market failure and would be obsolete by 2005. Six years and 3.7 million downloads later, Sourcefire is celebrating the 10th ...

  • A step forward for cloud computing security

    David Lacey 27 May 2009
  • The Jericho Forum and the Cloud Security Alliance announced today that they're working together to promote best practices for secure collaboration in the cloud. It's encouraging news as both groups ...

  • Lessons in crisis management

    David Lacey 25 May 2009
  • The current crisis of public confidence in UK Parliament, triggered by the publication of MPs' expenses records, demonstrates three interesting and very important lessons of crisis management. They ...

  • Infosecurity Europe Hall of Fame presentations

    David Lacey 15 May 2009
  • The Hall of Fame presentations given by Paul Dorey and myself are now available on the Infosecurity Europe web site. Recordings of these sessions and podcast interviews will also be available ...

  • Towards a world of illusion

    David Lacey 15 May 2009
  • Each week we get closer to a business and social cyberspace dominated by spin, FUD and disinformation. It's an inevitable consequence of the power of large-scale information and social networks. ...

  • The Age of Integrity

    David Lacey 09 May 2009
  • Bruce Schneier's blog highlights reports of an alleged recent break in by hackers to a Virginia State Web site used by pharmacists to track prescription drug abuse. The hackers were reported to ...

  • Principles of good security architecture

    David Lacey 04 May 2009
  • If Kit Cameron can come up with a set of laws of identity when arguably there aren't any, then the least I can do is have a stab at setting out some principles of good security architecture. If ...

  • Drowning in a sea of security frameworks

    David Lacey 03 May 2009
  • I've commented a few times already on the use, and misuse, of standards, architectures and other forms of model to help us to manage information security. There are now so many control frameworks, ...