David Laceys IT Security Blog

September 2007

• Why Encryption is a Hard Sell

  David Lacey 28 Sep 2007

My last posting generated a few comments condemning vendors who exaggerate the capabilities of their security products. The security market is now fairly mature so it's surprising that vendors are ...

• Cryptography and Snake Oil

  David Lacey 26 Sep 2007

Bruce Schneier is a bright guy and a first-class writer but he does have the unfortunate habit of appearing to rubbish new security products, without any evidence that he’s actually looked at them. ...

• The Changing Security Threat Landscape

  David Lacey 23 Sep 2007

Last week Symantec issued their latest Internet Security Threat Report. These six-monthly reports have become essential reading for all security practitioners. The latest 30 page report (it could ...

• The Long Road to PCI Compliance

  David Lacey 21 Sep 2007

There are always plenty of businesses that have to be dragged kicking and screaming to the compliance killing floor. So it’s no surprise to read a survey by The Logic Group that suggests that only ...

• Beware Publicity-Seeking Security Gurus

  David Lacey 19 Sep 2007

For the past few days I’ve been reading some strange reports coming out of a Gartner Security conference in London. Enough to make me wonder whether the speakers are on the same planet as the rest ...

• Designing Systems for Peak Demand

  David Lacey 18 Sep 2007

I was interested to read Tom Ilube’s comments on the BBC Website about the failure of Northern Rock’s systems to cope with the recent exceptional demand. As one of the pioneers of online banking ...

• CSI Security Survey Shows Huge Increase in Financial Fraud

  David Lacey 16 Sep 2007

Average annual losses from security incidents have doubled according to the Computer Security Institute’s 12th Annual Computer Crime and Security Survey. Regardless of the accuracy of the ...

• It's Features not Usability that Sells Products

  David Lacey 13 Sep 2007

The blog postings have been a little thin over the last fortnight as I’ve been holidaying in one of those chic designer hotels. You know. The ones that have Zen styling, Eastern spa treatments, ...

• What Top Security Professionals Really Think

  David Lacey 12 Sep 2007

Just published on the Computer Weekly Website are a couple of videos of interviews I conducted recently with leading Heads of Security from interesting organisations. They’re worth watching. The ...

• Cybercrime in the UK

  David Lacey 10 Sep 2007

A new report commisoned by Garlick, a UK vendor of privacy management services, on the subject of UK Cybercrime, contains some interesting findings. Such surveys are essential reading for security ...

• Can Security Stay Ahead of the Threat?

  David Lacey 07 Sep 2007

I often sit back and reflect on whether we are really winning the war against malicious security threats. The answer of course is "Yes". Otherwise we'd already be in dire straits. But it's ...

• Responding to the New Espionage Threats

  David Lacey 05 Sep 2007

For the last few days the media has been reporting alleged hacking attacks on US, UK and German government targets originating from China. It's to be expected of course as any new channel for ...