David Lacey's IT Security Blog

November 2007

  • Don't Forget Your Digital Wallet

    David Lacey 29 Nov 2007
  • Digital cash wallets seem to be a long time coming. It must have been about fifteen years ago when I saw Bob Fletcher of NatWest Bank presenting the concept of the Mondex electronic money card to ...

  • Cock-up or Conspiracy?

    David Lacey 28 Nov 2007
  • It’s interesting to discuss root causes of data breaches such as the recent HMRC breach with other security professionals. Most agree with my general suspicion that when something like this goes ...

  • Security is the New Rock And Roll

    David Lacey 27 Nov 2007
  • I always felt there was potential for IT Security to become fashionable, especially with those Die Hard and James Bond connections. Of course the problem is the rather pedestrian types that IT ...

  • Innovation is Where You Least Expect It

    David Lacey 26 Nov 2007
  • I take a close interest in Innovation. It’s vital to Security because the problem and solution spaces are constantly changing. It’s also a fascinating problem: a simple concept but one that ...

  • Knee-jerk Reactions Are Not the Answer

    David Lacey 25 Nov 2007
  • Today’s newspapers are full of finger-pointing and spin about the HMRC data breach. And the blogosphere continues to churn out mixed commentary and advice, some sensible and some ill-advised. Of ...

  • No More Mr Nice Guy – Time for CISOs to Get Tough

    David Lacey 22 Nov 2007
  • One of my predictions for 2007 was that this would be the year that CISOs would finally get tough with business units, tightening corporate firewall policies and closing down insecure connections. ...

  • Personal Data Breaches Are Unforgivable

    David Lacey 20 Nov 2007
  • This week I’m in New York on a short visit but my attention has been grabbed by events in the UK HM Revenue and Customs, i.e. the announcement of a loss of discs containing personal data on 25 ...

  • Security Culture and Social Engineering

    David Lacey 18 Nov 2007
  • I was interested to read my fellow blogger Stuart King’s posting on Psychology and Security. In particular he raises the tricky question about what a member of staff should do when confronting a ...

  • The Old Ones Are the Best

    David Lacey 16 Nov 2007
  • It’s an interesting phenomenon that chip speed and memory size both keep increasing in leaps and bounds, yet laptop performance continues to get slower. It’s always been the case as far as I can ...

  • Human Factors Dominate Today’s Security Problem Space

    David Lacey 15 Nov 2007
  • Earlier this week I gave the closing keynote address at Kable’s Information Security in the Public Sector conference in London. The subject, requested by Kable, was “Creating a Security Conscious ...

  • Security is the Foundation of Internet Governance

    David Lacey 12 Nov 2007
  • This week sees the second meeting, in Rio de Janeiro, of the Internet Governance Forum, an organisation established by the United Nations to debate public policy issues associated with the ...

  • De-perimeterised Cartoon

    David Lacey 12 Nov 2007
  • I couldn’t resist a smile at Bruce Schneier’s blog posting of a New Yorker cartoon, with a de-perimeterisation theme. I've always liked New Yorker cartoons, especially the dog ones, and you can buy ...

  • The Future is Mobile but will it be Secure?

    David Lacey 10 Nov 2007
  • The past week has seen three developments likely to fuel future growth in the use of mobile devices. The first is Apple’s UK iPhone launch, which might not be the most advanced device in terms of ...

  • When it comes to Communications, Smarter beats Dumber

    David Lacey 08 Nov 2007
  • Yesterday Andrew Yeomans of Dresdner put a risk management challenge to me and fellow blogger Stuart King. The issue arose from a discussion about Get Safe Online, the educational site aimed at ...

  • Keeping up with Regulatory Compliance

    David Lacey 07 Nov 2007
  • I’m often asked how best to keep up with the compliance bandwagon. It’s not easy. You can subscribe to the expensive IT research services offered by the likes of Gartner or Forrester, but much of ...