David Laceys IT Security Blog

December 2006

• Security Forecasts for 2007

  David Lacey 29 Dec 2006

It’s getting to that time of the Season when many of us look ahead to a New Year with mixed emotions of hope, fear, uncertainty or just plain boredom. What will 2007 bring? Will it be more of same? ...

• People, Process or Technology - Which hits the spot?

  David Lacey 27 Dec 2006

Last week I gave a presentation on the subject of “Managing the Human Dimension” to Iain Sutherland’s excellent Independent Information Security Group. It got me thinking about the balance between ...

• Security Achieves a New Level of Maturity

  David Lacey 23 Dec 2006

Looking back over 2006 I have to say that although it’s been largely more-of-the-same for many IT Security practitioners, there's undoubtedly been a significant shift in the perception of other ...

• ID Cards and the Perils of Identity Management

  David Lacey 22 Dec 2006

So the Home Office has decided to scale back its controversial plans for National ID Card Programme. Instead of a single, clean database generated from scratch, it will now build on three existing ...

• A Worrying Trend in Malware

  David Lacey 20 Dec 2006

Techworld reports a disturbing trend in the sophistication of malware. The problem is that it's declining. Alexander Gostev, Head of Kaspersky Lab, points out that higher volumes of low-quality ...

• Truth, Lies and Perception

  David Lacey 19 Dec 2006

The highlight of yesterday’s 17th Hewlett-Packard Colloquium at Royal Holloway University of London was an excellent talk by Ian Curry, CISO of Reuters, which gave a fascinating insight into what ...

• The Strengths and Weaknesses of Data Mining

  David Lacey 17 Dec 2006

Bruce Schneier’s blog drew my attention to a recent report on the limits of predictive data mining for counterterrorism, published by the Cato Institute, a libertarian public policy research ...

• Digital Rights Management – Must Try Harder

  David Lacey 15 Dec 2006

So Bill Gates has also discovered that Digital Rights Management “is not where it should be” according to reports from a group of influential bloggers he invited to Redmond. ”We don't have the ...

• Identity Management in a Virtual World

  David Lacey 14 Dec 2006

I was highly impressed with the company and the discussion at a CIO dinner in London last night. A main topic of conversation was Second Life, the new virtual reality world that seems to have ...

• Neuro-Linguistic Programming – Snake Oil or Powerful Management Tool?

  David Lacey 13 Dec 2006

For some years I’ve been observing the quiet infiltration of Neuro-Linguistic Programming (NLP) into many respectable professions. I’m not an expert on NLP but it seems to me to be a rather bizarre ...

• Managing Security Perception

  David Lacey 12 Dec 2006

The need to manage perception seems to be a hot topic these days. Stuart King’s blog posting earlier this month got me thinking about the importance of personal perception. But managing perception ...

• It's time to sort out our Information Management

  David Lacey 11 Dec 2006

I’ve been pointing out for some time that professional Information Management has largely collapsed in most organizations. It’s to be expected of course, following the radical changes in ...

• Dirty tricks in the Name of Security

  David Lacey 10 Dec 2006

Last week’s $14.5 million settlement payment by Hewlett-Packard to California’s top prosecutor may have diffused a crisis. But it leaves many question marks about the ethics of big companies, the ...

• What's Your Risk Appetite?

  David Lacey 09 Dec 2006

One of my colleagues drew my attention to a recent posting on the GetSafeOnline blog pointing out the lack of IT security training at MI6. In the new James Bond film, Casino Royale, a Swiss banker ...

• Entering the Dark World of Cyber Crime

  David Lacey 08 Dec 2006

We should all be concerned about the growing criminalization of hacking, highlighted in a new, updated report by McAfee on Organised Crime and the Internet. This publication confirms a disturbing ...