David Lacey's IT Security Blog: Archives

Archives

2009.11.06: Towards the paperless office
2009.11.01: The limitations of risk assessment
2009.10.31: Chinese Cyberwarfare Capability
2009.10.28: Lessons from the safety field
2009.10.27: Opinions on RSA Conference Europe 2009
2009.10.26: Higher standards for identity assurance
2009.10.22: Money in the Cloud
2009.10.21: RSA Conference reflects trends in security landscape
2009.10.19: The RSA Conference comes to town
2009.10.16: Responding to the postal strikes
2009.10.13: Information Security across the World
2009.10.02: Long distance data management
2009.10.01: A new kind of security
2009.09.21: More solutions please
2009.09.21: The soft underbelly of big business
2009.09.15: The power of social networks
2009.09.15: Worse case scenarios
2009.09.10: Responding to the Global Security Challenge
2009.09.02: Single point failures
2009.08.28: Online banking security (or lack of it)
2009.08.26: Painless patching
2009.08.24: Wales leads the way
2009.08.18: Combating counterfeiting
2009.08.13: Learning from mistakes
2009.08.12: Public policy on cyber security
2009.08.09: Context is King
2009.08.08: Who can you believe?
2009.08.05: The convergence of information and physical security
2009.08.04: In search of a cyber security czar
2009.08.02: More of the same won't do
2009.07.29: Safeguarding the DNA of the Internet
2009.07.27: Both sides now
2009.07.27: Security and banks
2009.07.24: Security in the clouds
2009.07.23: Exploiting the power of networks
2009.07.20: How many lost laptops can you justify?
2009.07.20: Getting the basics right
2009.07.18: Doing nothing is not an option
2009.07.17: Information security at the crossroads
2009.07.15: How to be a Superbrand
2009.07.13: Security in the clouds
2009.07.09: Secrets for sale
2009.07.05: Environments influence behaviour
2009.07.05: The perils of security software
2009.06.30: Eliminating opportunities for fraud
2009.06.29: Why staff break security rules
2009.06.25: New cyber strategy needs to be tougher
2009.06.23: The impact of the recession on information security spending
2009.06.21: W-Tech 2009
2009.06.18: The next big thing
2009.06.18: A new security blog
2009.06.17: Digital Britain needs better security
2009.06.11: Planning for the worst
2009.06.10: Where's the next security breakthrough?
2009.06.09: Welcome to the new age of fear, uncertainty and doubt
2009.06.05: Security is an inefficient market
2009.05.31: Whither Information Governance?
2009.05.30: Cyber-security is broader than critical infrastructure
2009.05.29: Information Age security
2009.05.28: Intrusion detection is alive and thriving
2009.05.27: A step forward for cloud computing security
2009.05.25: Lessons in crisis management
2009.05.15: Infosecurity Europe Hall of Fame presentations
2009.05.15: Towards a world of illusion
2009.05.09: The Age of Integrity
2009.05.04: Principles of good security architecture
2009.05.03: Drowning in a sea of security frameworks
2009.04.30: Verdict on Infosecurity Europe 2009
2009.04.27: Historical records from the birth of BS7799
2009.04.27: Security in financial services
2009.04.26: A timely pandemic wake-up call
2009.04.24: RSA Conference fails to hit the spot
2009.04.23: Frustration Hacking - or the lack of it?
2009.04.18: The Scourge of Spam
2009.04.17: Looking ahead to Infosecurity Europe 2009
2009.04.13: Security budgets in a downturn
2009.04.10: Preventing rogue traders
2009.04.03: This year's fashionable label
2009.03.29: Ethical hacking - a good or bad term?
2009.03.25: Better standards for standards please
2009.03.23: Real-world security architectures
2009.03.18: Yes we can
2009.03.16: Lies, damned lies and statistics
2009.03.16: Keep away from the Dark
2009.03.09: Preparing for Life in the Fast Lane
2009.03.04: Apocalypse soon?
2009.02.28: The Fog of Cyberwar
2009.02.26: Broken Windows and e-crime
2009.02.20: When laptops go missing
2009.02.15: Back to Basics
2009.02.10: What's in a number?
2009.02.08: A glimpse of the future of cybercrime
2009.02.05: New funding for UK security research
2009.02.04: Counting the cost of data breaches
2009.01.31: Guidelines should be simple but effective
2009.01.29: Security awareness: a short step in a long journey
2009.01.27: Virtual Shadows
2009.01.25: Managing the aftermath of data breaches
2009.01.23: A New Book for a New Year
2009.01.20: In search of simplicity
2009.01.18: Who can you trust?
2009.01.17: The tone at the top
2009.01.11: Never assume a security measure is foolproof
2009.01.08: In search of better Information Governance
2009.01.03: Computer forensics - a subject every executive should understand
2008.12.29: Security Forecasts for 2009
2008.12.24: Security Forecasts for 2008 - Right or Wrong?
2008.12.23: Security practitioners beat the analysts
2008.12.18: In search of perfection
2008.12.15: Everything you wanted to know about Web 2.0 Security and Privacy
2008.12.13: Open source security is the future
2008.12.10: Securing cyberspace
2008.12.08: Managing Security in Outsourcing and Off-shoring
2008.12.03: The slow progress of people-oriented information security
2008.11.30: We need affordable intelligent monitoring systems
2008.11.28: That firewall is deceased
2008.11.27: Driving down costs
2008.11.21: Global trends are not all bad
2008.11.12: Security myths exposed
2008.11.09: Let's get real about information security
2008.11.09: Preserving our Information Security Heritage
2008.11.04: Let's have a heated debate
2008.11.02: Data breaches will continue until we take the right action
2008.11.01: Towards a cleaner water supply
2008.10.31: The advancing science of anti-forensics
2008.10.31: Security at the application level
2008.10.30: The spectacular success of financial risk management
2008.10.29: Victoria's secrets steal the RSA show
2008.10.26: RSA Europe - a softer focus?
2008.10.24: Mail shots for dummies
2008.10.23: Visibility and context are your priorities
2008.10.23: Lies, damn lies and incident statistics
2008.10.22: Firewalls for phones
2008.10.21: Security theatre
2008.10.20: Here comes everybody
2008.10.19: The future of Internet governance
2008.10.16: Outsourcing trends
2008.10.14: Security budgets
2008.10.11: Top Gun jobs
2008.10.10: Yet another security breach
2008.10.09: Microsoft Security Day
2008.10.07: The end of secrecy
2008.10.05: The case for strong authentication
2008.10.05: The MD who came in from the cold
2008.10.03: The Cyberspace Frontier has closed
2008.10.02: Card fraud up - it's no surprise
2008.10.01: It must be true: I read it in the press
2008.09.30: Security and SaaS: a compelling combination
2008.09.29: Sex, death and Gartner IT security summits
2008.09.27: The next generation Internet
2008.09.25: Relationships are the key to secure outsourcing
2008.09.24: We know where you're looking
2008.09.23: Getting to grips with the human factor
2008.09.20: The new media landscape
2008.09.19: Laptop and PDA losses still a major problem
2008.09.17: Spy versus spy
2008.09.15: Spin, FUD and disinformation
2008.09.12: Data loss detection and prevention
2008.09.10: The Future is a long time coming
2008.09.08: Reading between the lines
2008.09.04: Coming to terms with the Insider Threat
2008.08.29: Offensive strategies
2008.08.28: It's always two steps forward, another step back
2008.08.27: Reported breaches will keep growing and growing
2008.08.22: Achieving a security culture change
2008.08.18: Irresponsible disclosure
2008.08.13: The real Security 2.0
2008.08.10: Why we really do risk management
2008.08.04: Data leakage prevention
2008.07.30: Cyberspace profiling
2008.07.24: Keeping threats in perspective
2008.07.21: Who needs infrastructure?
2008.07.17: Talent wars are zero sum games
2008.07.14: In search of a new security culture
2008.07.10: Network Access Control
2008.07.05: How many laptops go missing?
2008.06.30: In search of better Identity Management
2008.06.26: Changing Security Culture
2008.06.23: The solution needs to fit the problem
2008.06.20: The next big threat
2008.06.16: Future security architecture
2008.06.15: Security culture in Government
2008.06.13: In search of the spirit of Bletchely Park
2008.06.12: Intrusion detection is alive and well
2008.06.10: Yet another data breach
2008.06.09: When business becomes personal
2008.06.07: Predicting the outcome of events
2008.06.05: Uncontrolled printing
2008.06.04: Security news on video
2008.06.03: The Cost of Data Breaches
2008.06.01: Recession-resistant careers
2008.05.30: Bletchley Park needs your help
2008.05.28: Insider Threats
2008.05.26: The Limitations of Risk Management
2008.05.16: Security Mindset
2008.05.16: Secure by Design
2008.05.15: The Backward World of Secure Software Development
2008.05.12: Information Meltdown
2008.05.10: Presumed Guilty
2008.05.07: Yet Another Security Circle
2008.05.04: White Hat Dilemma
2008.05.02: Voice Firewalls - the next compelling technology
2008.05.01: We can’t have enough security products
2008.04.30: Ray Stanton and Bruce Schneier interviews
2008.04.30: Real hackers stay close to the action
2008.04.28: Security Software as a Service
2008.04.28: More Testing Please
2008.04.27: Navigating the Security Conference Circuit
2008.04.25: Infosecurity Highlights
2008.04.21: Infosecurity Europe 2008
2008.04.19: Centralisation – Does it Really Help Security?
2008.04.17: What not to do about Social Networking
2008.04.15: The Future of Intellectual Property
2008.04.11: Malware Gets Personal
2008.04.10: The Next Manhattan Project
2008.04.07: Nato Cyberdefences
2008.04.07: Anti-Phorm Petition Climbs the Charts
2008.04.03: Crisis Management is Getting Harder
2008.04.01: We Need Confidence in our ISPs
2008.03.31: The Future of Correspondence
2008.03.31: Cyber Warfare
2008.03.30: Raising the Issues of Biometrics
2008.03.28: The New Cyber Security Czar
2008.03.24: A Step Back for Biometrics
2008.03.21: Responding to e-Crime
2008.03.20: Collaboration Oriented Architecture Hits the Road
2008.03.18: Network IPS is Dead - Long Live Application IPS
2008.03.15: Regaining Public Trust in e-Government Services
2008.03.15: Turning Threats into Opportunities
2008.03.13: The Softer Side of Security
2008.03.10: Confidential Briefings and the Chatham House Rule
2008.03.08: Identity Cards Get Personal
2008.03.04: Sourcing and Security
2008.03.04: Professionalism
2008.03.01: De-perimeterisation Gets Closer
2008.02.28: ATM Security Weaknesses Publicised Again
2008.02.27: Internet Governance
2008.02.24: Cyber Warfare is This Year’s Fashion
2008.02.23: The Future is not all Doom and Gloom
2008.02.20: White Hat Worms
2008.02.17: The Grand Challenge of Securing Cyberspace
2008.02.14: Prudent Overreaction
2008.02.14: Ethical Hacking
2008.02.11: No Hiding Place for Data Breaches
2008.02.11: Measuring Security Progress in an Uncertain World
2008.02.08: The Importance of Email Disclaimers
2008.02.07: The Name of the IT Security Game
2008.02.04: The Evolving Role of Managed Security Services
2008.02.02: Who Needs Network Security?
2008.01.30: Thin Client Solutions to Laptop Theft
2008.01.29: Missing Laptops - Is there an acceptable rate of loss?
2008.01.27: Detecting Insider Threats – Easy in theory, hard in practice
2008.01.23: Suspected Intrusions - To Block or Not to Block?
2008.01.21: Ten Practical Steps to Prevent Laptop Theft
2008.01.18: Consumerisation is Coming Your Way
2008.01.14: Ready or Not, Convergence is the Future
2008.01.12: Physician Heal Thyself
2008.01.09: It’s Time to Clean up our Language
2008.01.07: Better to be Safe than Sorry
2008.01.02: A Black Year for Privacy
2007.12.29: Security Forecasts for 2008
2007.12.26: Security Forecasts for 2007 – Right or Wrong?
2007.12.23: Seek and You Will Find
2007.12.21: Back to Security Basics
2007.12.18: Security Guidance Shouldn’t Be Secret
2007.12.16: 2007 - The Year of Security Awakening
2007.12.13: A Poem for Christmas
2007.12.12: The Art of Model Development
2007.12.11: Next Year’s CIO Agenda
2007.12.10: The Future will be a Better Place
2007.12.10: When Real and Virtual Worlds Collide
2007.12.07: Think Tank Thinking Needs a Few More Ideas
2007.12.06: Closing the Loop – It’s not that difficult
2007.12.04: Social Networking – The Bigger Picture
2007.12.02: Something Wicked This Way Comes
2007.11.29: Don't Forget Your Digital Wallet
2007.11.28: Cock-up or Conspiracy?
2007.11.27: Security is the New Rock And Roll
2007.11.26: Innovation is Where You Least Expect It
2007.11.25: Knee-jerk Reactions Are Not the Answer
2007.11.22: No More Mr Nice Guy – Time for CISOs to Get Tough
2007.11.21: Personal Data Breaches Are Unforgivable
2007.11.19: Security Culture and Social Engineering
2007.11.16: The Old Ones Are the Best
2007.11.15: Human Factors Dominate Today’s Security Problem Space
2007.11.12: Security is the Foundation of Internet Governance
2007.11.12: De-perimeterised Cartoon
2007.11.10: The Future is Mobile but will it be Secure?
2007.11.08: When it comes to Communications, Smarter beats Dumber
2007.11.07: Keeping up with Regulatory Compliance
2007.11.05: The Long and Growing Arm of the Law
2007.11.02: In Search of the Holy Grail of Security Risk Management
2007.11.01: Fear of Cybercrime on the Rise
2007.10.31: A Picture Paints a Thousand Words
2007.10.30: How to win Friends and Influence People
2007.10.29: To Catch a Thief
2007.10.26: Crisis Management and the Number Two Rule of Holes
2007.10.25: Trusted Computing Hits the Road
2007.10.22: The Limitations of Business Continuity Planning
2007.10.21: Counting the Threats from Intelligence Services
2007.10.19: Collaboration is the Key to Tackling Cybercrime
2007.10.17: Compliance Demands Are Getting Too Prescriptive
2007.10.16: One Step Back for the Compliance Bandwagon
2007.10.13: Exploit Wednesday Strikes Again
2007.10.10: The Rich Untapped Seam in Digital Communications
2007.10.06: Preparing for the Coming Storm
2007.10.04: Patient Records – The Debate is Just Starting
2007.10.01: A Sharp Increase in Email Threats
2007.09.28: Why Encryption is a Hard Sell
2007.09.26: Cryptography and Snake Oil
2007.09.23: The Changing Security Threat Landscape
2007.09.21: The Long Road to PCI Compliance
2007.09.19: Beware Publicity-Seeking Security Gurus
2007.09.18: Designing Systems for Peak Demand
2007.09.16: CSI Security Survey Shows Huge Increase in Financial Fraud
2007.09.13: It's Features not Usability that Sells Products
2007.09.12: What Top Security Professionals Really Think
2007.09.10: Cybercrime in the UK
2007.09.07: Can Security Stay Ahead of the Threat?
2007.09.05: Responding to the New Espionage Threats
2007.08.31: Translating Research into Reality
2007.08.29: Security Managers are Getting Smarter
2007.08.26: The Costs of Security Incidents
2007.08.24: What Makes a Good Spy?
2007.08.21: The Strange World of Large Digital Networks
2007.08.18: More on Pandemic Planning
2007.08.16: The Rules of the New Game of Information Warfare
2007.08.14: Data Mining and Fraud Detection
2007.08.13: What Board Members Really Think About Security
2007.08.10: House of Lords Report Points the Way Forward
2007.08.08: Should Security Be Nasty or Nice?
2007.08.07: No Sensations at This Year's Black Hat
2007.08.05: Security Needs a New Direction
2007.08.02: Trends in Security Technology
2007.07.31: What’s in a Name?
2007.07.30: No Disaster is Too Large to Plan For
2007.07.28: Are We Prepared for a London Flood?
2007.07.27: Another Breach of Credit Card Data
2007.07.25: A Good Time to Review Business Continuity Plans
2007.07.23: More Personal Data at Risk
2007.07.20: Security Classifications – more than just a label
2007.07.17: Top 10 Security Developments of the Last Decade
2007.07.16: The Implications of Merging Business and Personal Lifestyles
2007.07.14: Crisis Room Design – Fantasy and Reality
2007.07.12: De-perimeterisation – What does it really mean?
2007.07.10: Data Breach Disclosure Will Focus Minds and Business Cases
2007.07.09: Identity Management – Who Decides?
2007.07.08: Security in Identity Management – There’s a long way to go
2007.07.07: Who Will Control the Market in Zero-Day Vulnerabilities?
2007.07.05: Long Term Data Storage – The Real Ticking Time Bomb
2007.07.03: Changing Threats Require Better User Security Awareness
2007.07.01: Traffic Analysis Reveals Interesting Internet Activity
2007.06.28: The Dark Side of Security
2007.06.27: Security Awareness – how much should we spend?
2007.06.25: The Future of Democracy
2007.06.22: The Costs of Data Leakage
2007.06.20: Blackberrys Discouraged By French Government
2007.06.18: DTI Unveils New Research in Human Vulnerabilities
2007.06.17: The Global Compliance Environment
2007.06.14: What Makes a Top CIO?
2007.06.13: Human Factors are This Year's Security Focus
2007.06.11: Privacy Expectations on the Internet?
2007.06.09: Is Anti-Virus Technology Dying?
2007.06.08: Minimum Security Standards Are Mandatory for Safeguarding Customer Data
2007.06.06: Designer Security Strikes Again
2007.06.05: Mobile Device Security
2007.06.03: If You Can't Stop It, Try Monitoring It
2007.05.31: Service Providers Should Immediately Inform Users About Incidents Affecting Their Services
2007.05.29: IT and Physical Security Management - Should they be Integrated?
2007.05.28: Security and the Great Game of Fly-Fishing
2007.05.25: We Give Our Enemies Too Much Credit
2007.05.22: Time to Consider Quantum-Immune Cryptographic Solutions
2007.05.20: Don't miss out on the Cyber Security KTN Conference
2007.05.19: Honesty and Openness are the Foundations of Real Security
2007.05.15: How Business Continuity is Changing
2007.05.14: Federated Identity Management - The Real Issues
2007.05.12: Big Brother Google
2007.05.12: More Paranoia - this time from Microsoft
2007.05.10: Information Age Paranoia
2007.05.08: The Future of Security
2007.05.05: Whither De-perimeterisation?
2007.05.03: Securing Portable Devices Isn't Easy
2007.04.29: How Real is the Threat of Cyber Terrorism?
2007.04.27: Standalone Security Solutions Dominate Infosecurity Europe
2007.04.23: What To Look Out For At Infosecurity Europe
2007.04.22: Have We Reached a Tipping Point in Consumer Credit Card Confidence?
2007.04.20: The Future of Acceptable Use Policy
2007.04.17: Acceptable Use Policies Not Acceptable Enough
2007.04.16: US Government Scorecard Shows Improvement
2007.04.13: Security Architecture - How to do it Properly
2007.04.11: Wilfing - The Curse of Security Architecture
2007.04.10: Don't Judge Microsoft on a Single Glitch
2007.04.07: Real-Time Intelligence on Terrorist Incidents
2007.04.05: Whither Digital Rights Management?
2007.04.03: Book Your Ticket to FIRST in Seville
2007.04.02: Why We Need The PCI Security Standard
2007.03.30: Support Your Local WARP
2007.03.29: Paranoia does not Create a Healthy Business Climate
2007.03.27: Safeguarding Privacy in a Surveillance Society?
2007.03.25: The Economics of Security - How hard can it be?
2007.03.23: Y2K Lessons Forgotten Already
2007.03.23: Oracle Sues SAP for Information Theft
2007.03.21: How Much Do We Really Spend on IT Security?
2007.03.19: The Future of Digital Space and Place
2007.03.17: The Importance of Closing the Loop
2007.03.15: Unacceptable Physical Security Must Be Corrected
2007.03.14: Laptop Encryption Becoming Standard Issue
2007.03.12: The Future of Fraud Detection
2007.03.12: Secure Software Development
2007.03.07: The Hidden Cost of Fraud
2007.03.05: Wi-Fi Eavesdropping Gets Easier
2007.03.02: Secure Software Development - Let's make it happen
2007.02.28: Are We Ready for RFID?
2007.02.24: Applying the Fourth Dimension to Security
2007.02.22: Time for a New Standard for Software Development
2007.02.21: Online Shopping Deserves Better Security
2007.02.20: More on Laptop Losses – How many go missing?
2007.02.19: Laptop Thefts Down at the FBI
2007.02.17: Consolidation or Proliferation? The Future of Security Products
2007.02.17: The Importance of Security Surveys
2007.02.14: Responding to the Growing Complexity in IT and Security
2007.02.12: The Future of Standalone Security Products
2007.02.11: Microsoft joins the Deperimeterisation Bandwagon
2007.02.10: Planning for The Future
2007.02.06: The Art of User Awareness
2007.02.04: e-Crime in The Capital
2007.02.02: From Forensics to e-Discovery
2007.01.31: Gaining the Attention of Management Boards
2007.01.28: Moore's Law and Security
2007.01.28: White Hats Do Good
2007.01.26: Security and the Environment
2007.01.24: Time to Publicise Security Incidents?
2007.01.22: Employee Monitoring - a hot topic for 2007
2007.01.21: Designer Firewalls
2007.01.20: More Testing Please
2007.01.17: The Perils of Mis-addressed Communications
2007.01.17: Better Authentication Needed to Counter Man-in-the-Middle Attacks
2007.01.12: Database Security - Patching is not enough
2007.01.10: Countering the Threat of Information Security Fatigue
2007.01.09: Who Needs Firewalls?
2007.01.06: ATM Security - and how not to improve it
2007.01.06: Lookalikes
2007.01.05: Real Crime in the Virtual World
2007.01.04: Vista Content Protection – Can we have the facts please?
2007.01.03: Security and Governance – One size doesn’t always fit all
2007.01.01: A Security Resolution for 2007 - Embed Security into your System Development Cycle
2006.12.29: Security Forecasts for 2007
2006.12.27: People, Process or Technology - Which hits the spot?
2006.12.23: Security Achieves a New Level of Maturity
2006.12.22: ID Cards and the Perils of Identity Management
2006.12.20: A Worrying Trend in Malware
2006.12.19: Truth, Lies and Perception
2006.12.17: The Strengths and Weaknesses of Data Mining
2006.12.15: Digital Rights Management – Must Try Harder
2006.12.14: Identity Management in a Virtual World
2006.12.13: Neuro-Linguistic Programming – Snake Oil or Powerful Management Tool?
2006.12.12: Managing Security Perception
2006.12.11: It's time to sort out our Information Management
2006.12.10: Dirty tricks in the Name of Security
2006.12.09: What's Your Risk Appetite?
2006.12.08: Entering the Dark World of Cyber Crime
2006.12.07: The Importance of Training
2006.12.05: Building a Secure World
2006.12.04: Which Works Best? Point Solutions or Integrated Security?
2006.12.03: Databases are the New Target
2006.12.01: Security companies need to maintain higher security standards
2006.12.01: Terrorist Cyber Threats – how much should we be concerned?
2006.11.30: Microsoft Vista - a welcome arrival
2006.11.29: Securing the Written and Spoken Word
2006.11.29: Crisis Management – a lesson from British Airways
2006.11.29: Security Risk Assessment - Can it be automated?
2006.11.27: Visibility and Metrics - the keys to effective security
2006.11.27: Managing Personal Identity Information
2006.11.26: The Torchwood Option
2006.11.25: Economics and Security
2006.11.24: Inside the Jericho Forum
2006.11.23: Laptop security - it's not that difficult
2006.11.22: What the SANS Top 20 really tells us
2006.11.21: Employee monitoring - has Big Brother arrived?
2006.11.21: Who is David Lacey?
2006.11.21: Welcome to my world

David Lacey's IT Security Blog

The latest ideas, best practices, and business issues associated with managing security

Archives

Search

Recent Posts

Categories

Archives