Sapsiwai - Fotolia

David Laceys IT Security Blog

Information security expert David Lacey discussed the latest ideas, best practices, and business issues associated with managing security.

January 2009

  • Guidelines should be simple but effective

    David Lacey 31 Jan 2009
  • ISACA, the Information Systems Audit and Control Association, has just launched a guide designed to provide IT security chiefs with an independent framework to help manage their information ...

  • Security awareness: a short step in a long journey

    David Lacey 29 Jan 2009
  • Yesterday I was fortunate to attend Martin Smith's Security Awareness Special Interest Group. It was a sell-out event at BT Centre in London with close to a couple of hundred attendees from across ...

  • Virtual Shadows

    David Lacey 27 Jan 2009
  • Last night I attended the launch party for Karen Lawrence Öqvist's excellent book "Virtual Shadows: Your Privacy in the Information Society". This book is a recommended read: a well-written, ...

  • Managing the aftermath of data breaches

    David Lacey 25 Jan 2009
  • The most interesting aspect of the recently reported data breach at Heartland Payment Systems is the relatively light press coverage. The full scale of the breach has yet to be established, but it ...

  • A New Book for a New Year

    David Lacey 23 Jan 2009
  • Today is a special day for me as it marks the official publication of my book "Managing the Human Factor in Information Security". I received a box full of copies a few days ago. Ever since then, ...

  • In search of simplicity

    David Lacey 20 Jan 2009
  • The Royal Society of Chemistry has recently published the top five solutions to the Italian Job challenge prize, which aimed to find a solution to the cliff-hanging ending of the film. More than ...

  • Who can you trust?

    David Lacey 18 Jan 2009
  • How honest are people? It's a good question and an important one as we head into a socially networked world offering greater empowerment and information access to both our staff and customers. The ...

  • The tone at the top

    David Lacey 17 Jan 2009
  • Many people tell me that the real problem they face in getting public or private sector organizations to address information security is the lack of understanding and interest at the top. That's ...

  • Never assume a security measure is foolproof

    David Lacey 11 Jan 2009
  • It's always interesting to observe the reaction of the media and cryptographic community to announcements that an algorithm has been broken. It says a lot about our perspective on security ...

  • In search of better Information Governance

    David Lacey 08 Jan 2009
  • Lately I've had some interesting email exchanges with colleagues in Australia about press reports of increasing levels of citizen surveillance in the UK. This steady erosion of personal privacy is ...