Sapsiwai - Fotolia

David Laceys IT Security Blog

Information security expert David Lacey discussed the latest ideas, best practices, and business issues associated with managing security.

November 2006

  • Microsoft Vista - a welcome arrival

    David Lacey 30 Nov 2006
  • It’s always easy and fashionable to knock big vendors, especially when there are vested interests at stake. So it’s not surprising to see one or two negative press comments on the release of ...

  • Securing the Written and Spoken Word

    David Lacey 29 Nov 2006
  • Two unrelated news items caught my eye today, one an obscure case about a cheque modification fraud based on erasable ink pens, which I picked up from Bruce Schneier's blog, and the other one a ...

  • Crisis Management – a lesson from British Airways

    David Lacey 29 Nov 2006
  • I’ve tracked with some interest the developing media coverage triggered by the British Airways uniform controversy. I always recommend that anyone working in security takes a close interest in any ...

  • Security Risk Assessment - Can it be automated?

    David Lacey 29 Nov 2006
  • My last blog posting kicked off a number of interesting discussions, including one on the subject of automated security risk management, raised by a friend from Brabeion, a compliance management ...

  • Visibility and Metrics - the keys to effective security

    David Lacey 27 Nov 2006
  • I’ve long preached about the importance of visibility and metrics in security. Unless you have line of sight of the security threats, vulnerabilities and incidents that are actually impacting your ...

  • Managing Personal Identity Information

    David Lacey 27 Nov 2006
  • I just couldn’t resist signing up for a free trial of a new identity management service from a UK start-up company called garlik (sic). This fascinating new product promises to find, track and ...

  • The Torchwood Option

    David Lacey 26 Nov 2006
  • Looking ahead at tonight’s television schedules set me thinking about Torchwood and how we could exploit this concept. I don’t mean the alien stuff but rather the idea of establishing a ...

  • Economics and Security

    David Lacey 25 Nov 2006
  • Reading my colleague’s Stuart King’s blog posting on the financial impact of security incidents reminded me of the continuing obsession that many parts of industry and academia still seem to have ...

  • Inside the Jericho Forum

    David Lacey 24 Nov 2006
  • Today I attended an all-day Jericho Forum Members’ meeting hosted by Eli Lilly at their Bagshot campus. It was a good session. We had some excellent and lively debates, with interesting ...

  • Laptop security - it's not that difficult

    David Lacey 23 Nov 2006
  • Yet another laptop theft story in the newspapers. This time a case of three stolen laptops containing payroll and pension details of more than 15,000 Met Police officers. Following on from the ...

  • What the SANS Top 20 really tells us

    David Lacey 22 Nov 2006
  • Last week’s publication of the SANS Top 20 confirms a surge in sophisticated zero-day attacks on users and web applications. It should be seen as a wake-up call for those organisations who think ...

  • Employee monitoring - has Big Brother arrived?

    David Lacey 21 Nov 2006
  • The subject of Employee Monitoring is currently at the forefront of my mind as I polish up my notes on for a talk on this subject at a CISO dinner tonight at the London Capital Club. I’ve been ...

  • Who is David Lacey?

    David Lacey 21 Nov 2006
  • David Lacey is a leading international authority on Information Security Management with more than 20 years professional experience of building Security and Risk functions for large organisations, ...

  • Welcome to my world

    David Lacey 21 Nov 2006
  • Everyone that knows me will appreciate just how pleased I am to be given my very own electronic soap box. As a long-standing pioneer, promoter and critic of all things new in Information Security, ...