Sapsiwai - Fotolia

David Laceys IT Security Blog

Information security expert David Lacey discussed the latest ideas, best practices, and business issues associated with managing security.

January 2007

Gaining the Attention of Management Boards
David Lacey 31 Jan 2007

This week it’s been put to me several times that the major problem for the Security function is gaining the attention and support of Management Boards. This surprises me because contemporary ...

Moore's Law and Security
David Lacey 28 Jan 2007

Intel’s announcement that they will start manufacturing processors with transistors 45 nanometres wide means that Moore’s Law remains intact. For several years pessimists have speculated that this ...

White Hats Do Good
David Lacey 28 Jan 2007

Friday’s excellent White Hat Ball demonstrated that security professionals can deliver value to the Community, by raising a substantial amount of money for the Childline Charity. It was great to ...

Security and the Environment
David Lacey 26 Jan 2007

It’s always interesting to see what’s currently on the CIO agenda, so I took a couple of days out this week to attend Information Age’s Effective IT Summit at the Vale Hotel in Cardiff. Gaining ...

Time to Publicise Security Incidents?
David Lacey 24 Jan 2007

Ed Gibson's comments on my recent posting on "information security fatigue" raise a timely and important issue: Should we now publicise security incidents? I'm in favour. Compliance is already ...

Employee Monitoring - a hot topic for 2007
David Lacey 22 Jan 2007

Tonight I'm again debating the subject of Employee Monitoring at a CISO dinner. I've already posted some thoughts on this subject. But I've noticed quite a lot of interest and debate now being ...

Designer Firewalls
David Lacey 21 Jan 2007

For some months I’ve been beta testing an entirely new form of firewall. In fact it’s much more than that with 13 layers of security protection contained within a smart, pocket-size USB device that ...

More Testing Please
David Lacey 20 Jan 2007

It was refreshing and reassuring to see the Home Office coming clean about the lessons learned from the failure last year if its Electronic Passport Application system. I can understand the ...

The Perils of Mis-addressed Communications
David Lacey 17 Jan 2007

Stuart King's blog posting on the danger of accidentally misaddressing emails reminded me of an incident I came across several years ago. But this was the opposite problem. Wrong source rather than ...

Better Authentication Needed to Counter Man-in-the-Middle Attacks
David Lacey 17 Jan 2007

RSA have reported the discovery of a “Universal Man-in-the-Middle Phishing Kit” offered for free trial on an online fraudster forum. The kit enables fraudsters to create a fraudulent URL via a ...

Database Security - Patching is not enough
David Lacey 12 Jan 2007

Next Tuesday, 16th January 2007, Oracle will issue 52 critical patches. It’s clearly a great leap forward for database vulnerability management. But it also illustrates the size of our security ...

Countering the Threat of Information Security Fatigue
David Lacey 10 Jan 2007

Charles Pask's comments on my recent blog postings raise an interesting and realistic new threat: that our industry might lose credibility due to non-events, because we are simply too good at what ...

Who Needs Firewalls?
David Lacey 09 Jan 2007

Reading a recent Techtarget email summary of security content from 2006 pointed me to an excellent paper "Security without firewalls: Sensible or silly?" about the San Diego Supercomputer Center's ...

ATM Security - and how not to improve it
David Lacey 06 Jan 2007

The newspapers are full of stories about Ross Anderson’s experiments with ATMs, demonstrating something we already know quite well, which is that if you spend enough time in a laboratory with a ...

Lookalikes
David Lacey 06 Jan 2007

Looking at a couple of web sites from security vendors, I noticed a curious resemblance in the photographs. Chronicle Solutions, a UK vendor of digital communications monitoring solutions, and High ...

SearchCIO

David Laceys IT Security Blog

Information security expert David Lacey discussed the latest ideas, best practices, and business issues associated with managing security.

January 2007

Gaining the Attention of Management Boards

Moore's Law and Security

White Hats Do Good

Security and the Environment

Time to Publicise Security Incidents?

Employee Monitoring - a hot topic for 2007

Designer Firewalls

More Testing Please

The Perils of Mis-addressed Communications

Better Authentication Needed to Counter Man-in-the-Middle Attacks

Database Security - Patching is not enough

Countering the Threat of Information Security Fatigue

Who Needs Firewalls?

ATM Security - and how not to improve it

Lookalikes

-ADS BY GOOGLE

SearchCIO

CIO presentation to the board of directors: Candid tips from CIOs

Edge computing use cases must be driven by business value

OT security brings new challenges in the age of IoT

SearchSecurity

Global cryptomining attacks use NSA exploits to earn Monero

New evasive spear phishing attacks bypass email security measures

RPA security best practices include access control, system integration

SearchNetworking

Wi-Fi Certified 6 launches new era for wireless connectivity

Try a CCNA 200-301 practice quiz from the official cert guide

Prepare for the CCNA 200-301 exam with this guide preview

SearchDataCenter

New Dell EPYC servers embrace AMD Rome chips

Can next-gen SIEM help cybersecurity initiatives?

IBM z15 mainframe secures data across multi-cloud environments

SearchDataManagement

InfluxDB Cloud 2.0 expands open source time series database

New cloud and on-premises options for Oracle Autonomous Database

How big tech breakup would affect the tech industry