David Laceys IT Security Blog

June 2008

• In search of better Identity Management

  David Lacey 30 Jun 2008

Last week I met up with Microsoft to catch up with their progress in developing a better, user-centric identity infrastructure. Microsoft's journey started with an ambitious but ill-fated venture ...

• Changing Security Culture

  David Lacey 26 Jun 2008

The recently published Poynter report on the loss of HMRC discs containing personal details of 25 million citizens confirms what most of us already suspected. Security is not taken seriously enough ...

• The solution needs to fit the problem

  David Lacey 23 Jun 2008

Today's press reports that Councils in England have been urged to review the way they use surveillance powers to investigate suspected crime. The suggestion is that they should not be used for ...

• The next big threat

  David Lacey 20 Jun 2008

I've just been informed that a recent video interview with me on Sarb Sarb Sembhi's excellent Virtually Informed site has been voted "Answer of the Month for May". It's my response to the question ...

• Future security architecture

  David Lacey 16 Jun 2008

Last week I was fortunate to catch an excellent presentation at GC 2008 by Martin Sadler, Director of HP Labs' Systems Security Lab, on the future of security and identity management. If you ...

• Security culture in Government

  David Lacey 15 Jun 2008

The recent confidential document breaches by UK Government officials have prompted observers such as Dame Pauline Neville-Jones to suggest that there is a "culture of carelessness". Is this true? ...

• In search of the spirit of Bletchely Park

  David Lacey 13 Jun 2008

I'm watching with interest to see how long it takes for the security community to develop an antidote to the latest version of the Gpcode virus which encrypts files using strong encryption. A week ...

• Intrusion detection is alive and well

  David Lacey 11 Jun 2008

I met up this morning with Marty Roesch, the CTO and founder of Sourcefire and SNORT, the open source intrusion detection engine. It's always a delight and a privilege to meet Marty. He's one of ...

• Yet another data breach

  David Lacey 10 Jun 2008

This time it's the credit card details of up to 38,000 customers of clothing retailer Cotton Traders that have been stolen according to the BBC News. The firm claim to have upgraded their security. ...

• When business becomes personal

  David Lacey 09 Jun 2008

The Register carries an interesting story about a former employee of recruitment firm Hays who's accused of using LinkedIn to steal clients for his own agency. He claims to have been encouraged by ...

• Predicting the outcome of events

  David Lacey 07 Jun 2008

Today I shall be at the Epsom Derby trying to pick a winner on incomplete information. I shall probably go for Tajaaweed as he's around ten to one and appears to have a better chance than that of ...

• Uncontrolled printing

  David Lacey 05 Jun 2008

According to The Register, ENISA, the European Network and Information Security Agency, have just rediscovered the forgotten and widely ignored risks of uncontrolled printing. Having shared laser ...

• Security news on video

  David Lacey 04 Jun 2008

A few weeks back I was interviewed on film by Sarb Sembhi. The results have just appeared on Virtually Informed, a video news web site aimed at the security industry. It's an interesting concept. ...

• The Cost of Data Breaches

  David Lacey 03 Jun 2008

I see that yet another bank has come clean about a loss of personal data information. This time it's Bank of New York Mellon. They have admitted to losing tapes containing personal details of 4.5 ...

• Recession-resistant careers

  David Lacey 01 Jun 2008

An article on this subject in the Boston Globe caught my eye. It lists computer security specialists as one of five categories of recession-resistant careers, alongside teaching, ...