Sapsiwai - Fotolia

David Laceys IT Security Blog

Information security expert David Lacey discussed the latest ideas, best practices, and business issues associated with managing security.

May 2008

  • Bletchley Park needs your help

    David Lacey 30 May 2008
  • I've always had a soft spot for Bletchley Park (BP). It's an important piece of history and it needs to be preserved, and not just the physical site but also the spirit of innovation and creativity ...

  • Insider Threats

    David Lacey 28 May 2008
  • A survey published today by Secure Computing Corporation, a security vendor, reveals an increasing concern by IT Directors about insider threats. More than 80% of the 103 Directors surveyed were ...

  • The Limitations of Risk Management

    David Lacey 26 May 2008
  • I'm just back from a week of splendid isolation, fly-fishing in Scotland and free from mobile phone networks and Internet connections. Amazingly the weather was dry every day, highly unusual for ...

  • Security Mindset

    David Lacey 16 May 2008
  • Bruce Schneier's remarks about the security mindset, the thinking you need to design effective security countermeasures, to think like an attacker, are interesting. He's certainly correct that such ...

  • Secure by Design

    David Lacey 16 May 2008
  • One of the most underdeveloped areas of security is the art of designing systems that are intrinsically secure, for example by designing in deterrents to attackers and thieves. Classic examples of ...

  • The Backward World of Secure Software Development

    David Lacey 15 May 2008
  • My blog postings have been a bit thin this week, as I've been awaiting the latest blog software upgrade, which should improve the performance substantially. I've been reflecting on last Friday's ...

  • Information Meltdown

    David Lacey 12 May 2008
  • As if it wasn’t bad enough to have organisations losing sensitive citizen information, we now have hackers publicising the stuff to make a point about the need for better security. The incident, in ...

  • Presumed Guilty

    David Lacey 10 May 2008
  • I was surprised to read reports that the UK retail sector has quietly set up a register, The National Staff Dismissal Register, of staff who’ve been dismissed or left employment while under ...

  • Yet Another Security Circle

    David Lacey 07 May 2008
  • Google are sponsoring their participation in oCERT, a new form of computer emergency response team style service for the open source community. The service aims to “help both large infrastructures, ...

  • White Hat Dilemma

    David Lacey 04 May 2008
  • I was interested last week to read in The Register about TippingPoint’s success in reverse engineering the executable behind the Kraken botnet, enabling to build a fake server that identified ...