David Laceys IT Security Blog

August 2008

  • Offensive strategies

    David Lacey 29 Aug 2008
  • You can tell it's still the silly season for news, when items about the science of fly swatting hit the front pages of broadsheet newspapers. At first glance, it seems a trivial story. On second ...

  • It's always two steps forward, another step back

    David Lacey 28 Aug 2008
  • Security technology has a habit of replacing the problem that it solves with an entirely new one. Encryption, for example, hides your data from others, but that also includes the user if he forgets ...

  • Reported breaches will keep growing and growing

    David Lacey 27 Aug 2008
  • It's essential to keep abreast of surveys of security incidents. They provide a small glimmer of visibility on what's essentially a dark hidden area. There are a few reasons why we're kept in the ...

  • Achieving a security culture change

    David Lacey 22 Aug 2008
  • The latest reported loss of 84,000 unencrypted confidential Home Office records by PA Consulting illustrates the massive challenge of eradicating bad security practices across Whitehall. Massive ...

  • Irresponsible disclosure

    David Lacey 18 Aug 2008
  • The arguments continue about the recent court order by the Massachusetts Bay Transportation Authority to prevent MIT researchers from revealing flaws in the security of its e-ticketing system. It ...

  • The real Security 2.0

    David Lacey 13 Aug 2008
  • I note that my fellow blogger Stuart King has been speculating on security topics for 2009. It's natural in his line of business. His company organises many international security events. Stuart ...

  • Why we really do risk management

    David Lacey 09 Aug 2008
  • It's encouraging to see the Cabinet Office publish a National Risk Register, which sets out the Government assessment of the likelihood and potential impact of a range of different risks that may ...

  • Data leakage prevention

    David Lacey 04 Aug 2008
  • I see that McAfee has announced that it's buying Reconnex, a data loss prevention firm, for $46 million. It's the latest in a line of similar acquisitions by rival security vendors. Data loss ...