David Laceys IT Security Blog

December 2009

  • Standing at the Crossroads

    David Lacey 30 Dec 2009
  • At the close of the first decade of the 21st Century I find myself writing my 500th blog posting for Computer Weekly. It's an appropriate occasion to look back at the last ten years and look ahead ...

  • Security Forecasts for 2010

    David Lacey 30 Dec 2009
  • What will 2010 hold for information security professionals? Will it be more of the same? Or will it herald major changes? Personally, I believe it will be a year of change. Amongst other things, I ...

  • Security Forecasts for 2009 - Right or Wrong?

    David Lacey 29 Dec 2009
  • As we near the end of 2009 it's interesting to look back and see how accurate my January forecasts were. I predicted that: fraud would hit the roof; information warfare would get real; human ...

  • Obama makes the right choice

    David Lacey 22 Dec 2009
  • I was pleased to see that President Barack Obama has picked Howard Schmidt to serve as National Cybersecurity Coordinator. As I've said before, Howard is the best choice as he has subject area ...

  • In the bleak mid winter

    David Lacey 19 Dec 2009
  • Each year at this time, former JP Morgan security veteran Alan Stockey crafts an irreverent festive poem with a contemporary theme. This year he's elected to Green. In the bleak mid winterClimate's ...

  • Root causes of vulnerable systems

    David Lacey 18 Dec 2009
  • It seems staggering to read that militants in Iraq were able to intercept live video feeds from aircraft and Predator drones using a $26 software package. And this problem is reported to be ...

  • Cloud computing security developments

    David Lacey 13 Dec 2009
  • Last week's excellent ISSA-UK Chapter meeting, kindly hosted by KPMG, highlighted two interesting security developments in cloud computing. The first was that this is a rapidly developing subject ...

  • SSL vulnerabilities

    David Lacey 11 Dec 2009
  • Bruce Schneier's advice on the recently announced SSL vulnerability is sensible, but it raises the bigger issue that we're too slow in responding to flaws in critical, embedded systems. Experience ...

  • Law suits and data breaches

    David Lacey 09 Dec 2009
  • One of the potential business impacts that should be factored into any risk assessment for a data breach of customer information is the possibility of a class action for damages. It's interesting ...

  • Information security skills for the future

    David Lacey 06 Dec 2009
  • What are the skills we should be looking to teach the information security professionals of the future? It's a good and timely question given the current proliferation of training courses and the ...