David Laceys IT Security Blog

November 2011

  • A small step for the UK Government

    David Lacey 29 Nov 2011
  • Lots of people, even my neighbours and relatives, are asking me what I think about the UK Government's new National Cybersecurity Strategy. It certainly attracted a fair bit of surprising degree of ...

  • The Future is in fashion

    David Lacey 24 Nov 2011
  • As a regular conference speaker I'm always intrigued by which topics are in fashion and why. A few years ago it was outsourcing and cloud computing. More recently it's been the human factor. Lately ...

  • Six myths of risk assessment

    David Lacey 24 Nov 2011
  • I find it surprising that after more than 30 years of experimentation of risk assessment, many security practitioners continue to apply risk assessment in such a non-intuitive way. There seem to be ...

  • What tangled webs we weave

    David Lacey 18 Nov 2011
  • Twenty years ago I drafted a document that was intended to reduce the effort required in information security management. Two decades later it has produced the opposite effect. That document was ...

  • Security for small businesses

    David Lacey 08 Nov 2011
  • One of my January forecasts for 2011 was that the need to encourage small and medium enterprises to implement security would finally be tackled. Judging by the current amount of activity in this ...

  • Preaching in a security wilderness

    David Lacey 05 Nov 2011
  • Last week I was fortunate to be speaking at Cyprus Infosec 2011. It was a first class event with intelligent speakers, great debates and a smart audience. But yet again I seem to be the only ...