David Laceys IT Security Blog

March 2009

  • Ethical hacking - a good or bad term?

    David Lacey 29 Mar 2009
  • Last week's British Computer Society Information Security Conference reopened a debate about the use of the term "Ethical Hacking". A year ago, the BCS Security Forum issued a statement ...

  • Better standards for standards please

    David Lacey 25 Mar 2009
  • Yesterday's IT Governance Watch event in London, organized by the UK Cyber Security KTN and The National Computing Centre, was an interesting attempt to address the seemingly paradoxical concept of ...

  • Real-world security architectures

    David Lacey 23 Mar 2009
  • One of the things that characterise a maturing business practice is the proliferation of architectures, models and frameworks that begin to proliferate. This phenomenon has clearly caught up with ...

  • Yes we can

    David Lacey 18 Mar 2009
  • I'm generally reluctant to criticize colleagues, but occasionally they come up enough drivel to spur me into action. I was disappointed, to say the least, to read that Stuart King, a kindred spirit ...

  • Lies, damned lies and statistics

    David Lacey 16 Mar 2009
  • A recent email from Karen Lawrence Öqvist mentioned the differences in how we measure statistics such as the odds of dying in a road crash or a plane crash. I had suggested in my book "Managing the ...

  • Keep away from the Dark

    David Lacey 16 Mar 2009
  • Friday's BBC "Click" technology program contained a demonstration of a 20,000 strong botnet. Was this legal? Was it ethical? And was it a sensible idea? These are important questions that need to ...

  • Preparing for Life in the Fast Lane

    David Lacey 09 Mar 2009
  • Last week I contributed to an ISSA-UK expert panel reviewing a recent UK Government report on plans for "Digital Britain", the digital knowledge economy that will form the heart of our future ...

  • Apocalypse soon?

    David Lacey 04 Mar 2009
  • Yesterday's ISC2 Security Leadership Seminar in London reflected a spectrum of contemporary thinking on the subject of information security, as well as highlighting some of the more extreme risks ...