David Laceys IT Security Blog

May 2009

• Whither Information Governance?

  David Lacey 31 May 2009

I had high hopes for the work of the UK parliamentary-industry group EURIM in developing the foundations of Information Governance. With no less than five work streams attended by leading, ...

• Cyber-security is broader than critical infrastructure

  David Lacey 30 May 2009

US President Barack Obama's speech on plans to secure American cyber infrastructure is an encouraging start for developing the long-overdue capabilities that the West needs to safeguard its ...

• Information Age security

  David Lacey 29 May 2009

This month's edition of Information Age magazine carries an insightful review of my book "Managing the Human Factor in Information Security". Information Age is an excellent magazine, which for ...

• Intrusion detection is alive and thriving

  David Lacey 28 May 2009

Back in 2003, Gartner declared that intrusion detection systems were a market failure and would be obsolete by 2005. Six years and 3.7 million downloads later, Sourcefire is celebrating the 10th ...

• A step forward for cloud computing security

  David Lacey 27 May 2009

The Jericho Forum and the Cloud Security Alliance announced today that they're working together to promote best practices for secure collaboration in the cloud. It's encouraging news as both groups ...

• Lessons in crisis management

  David Lacey 25 May 2009

The current crisis of public confidence in UK Parliament, triggered by the publication of MPs' expenses records, demonstrates three interesting and very important lessons of crisis management. They ...

• Infosecurity Europe Hall of Fame presentations

  David Lacey 15 May 2009

The Hall of Fame presentations given by Paul Dorey and myself are now available on the Infosecurity Europe web site. Recordings of these sessions and podcast interviews will also be available ...

• Towards a world of illusion

  David Lacey 15 May 2009

Each week we get closer to a business and social cyberspace dominated by spin, FUD and disinformation. It's an inevitable consequence of the power of large-scale information and social networks. ...

• The Age of Integrity

  David Lacey 09 May 2009

Bruce Schneier's blog highlights reports of an alleged recent break in by hackers to a Virginia State Web site used by pharmacists to track prescription drug abuse. The hackers were reported to ...

• Principles of good security architecture

  David Lacey 04 May 2009

If Kit Cameron can come up with a set of laws of identity when arguably there aren't any, then the least I can do is have a stab at setting out some principles of good security architecture. If ...

• Drowning in a sea of security frameworks

  David Lacey 03 May 2009

I've commented a few times already on the use, and misuse, of standards, architectures and other forms of model to help us to manage information security. There are now so many control frameworks, ...