David Laceys IT Security Blog
July 2011
-
Things that need to change in information security standards
29 Jul 2011 -
What needs to change in information security - Let's start with perception
17 Jul 2011 -
The slow, painful death of real information security
02 Jul 2011
This is the second in a series of commentaries on what's wrong with information security and what needs to be changed. My last posting discussed the need for changes in the perception and ...
Regular readers will know I'm critical of our current approach to information security management. In my view there's too much emphasis on compliance and economics, rather than on effective ...
I've blogged before about the perils of best practices and standards, and the crippling effect of compliance on security programmes. The consequences, however, are getting more serious as these ...