David Laceys IT Security Blog

Recent Posts

  • In search of sensible security advice

    David Lacey 19 Jan 2010
  • Where does one turn to find objective, authoritative advice on security issues? Certainly not the vendors if the recent reports of a security flaw in Internet Explorer are anything to go. There's a ...

  • Securing the supply chain

    David Lacey 11 Jan 2010
  • Security of the supply chain will be a dominant theme of this year. It's not been addressed sufficiently well in the past, but compliance demands are beginning to twist people's arms. In fact there ...

  • Standing at the Crossroads

    David Lacey 30 Dec 2009
  • At the close of the first decade of the 21st Century I find myself writing my 500th blog posting for Computer Weekly. It's an appropriate occasion to look back at the last ten years and look ahead ...

  • Security Forecasts for 2010

    David Lacey 30 Dec 2009
  • What will 2010 hold for information security professionals? Will it be more of the same? Or will it herald major changes? Personally, I believe it will be a year of change. Amongst other things, I ...

  • Security Forecasts for 2009 - Right or Wrong?

    David Lacey 29 Dec 2009
  • As we near the end of 2009 it's interesting to look back and see how accurate my January forecasts were. I predicted that: fraud would hit the roof; information warfare would get real; human ...

  • Obama makes the right choice

    David Lacey 22 Dec 2009
  • I was pleased to see that President Barack Obama has picked Howard Schmidt to serve as National Cybersecurity Coordinator. As I've said before, Howard is the best choice as he has subject area ...

  • In the bleak mid winter

    David Lacey 19 Dec 2009
  • Each year at this time, former JP Morgan security veteran Alan Stockey crafts an irreverent festive poem with a contemporary theme. This year he's elected to Green. In the bleak mid winterClimate's ...

  • Root causes of vulnerable systems

    David Lacey 18 Dec 2009
  • It seems staggering to read that militants in Iraq were able to intercept live video feeds from aircraft and Predator drones using a $26 software package. And this problem is reported to be ...

  • Cloud computing security developments

    David Lacey 13 Dec 2009
  • Last week's excellent ISSA-UK Chapter meeting, kindly hosted by KPMG, highlighted two interesting security developments in cloud computing. The first was that this is a rapidly developing subject ...

  • SSL vulnerabilities

    David Lacey 11 Dec 2009
  • Bruce Schneier's advice on the recently announced SSL vulnerability is sensible, but it raises the bigger issue that we're too slow in responding to flaws in critical, embedded systems. Experience ...

  • Law suits and data breaches

    David Lacey 09 Dec 2009
  • One of the potential business impacts that should be factored into any risk assessment for a data breach of customer information is the possibility of a class action for damages. It's interesting ...

  • Information security skills for the future

    David Lacey 06 Dec 2009
  • What are the skills we should be looking to teach the information security professionals of the future? It's a good and timely question given the current proliferation of training courses and the ...

  • Everything you wanted to know about Data Protection

    David Lacey 27 Nov 2009
  • The Information Commissioner's Office has just published a detailed Guide to Data Protection. It's an excellent, well presented piece of work, though at 175 pages it's not likely to be read from ...

  • Human factors in information security

    David Lacey 26 Nov 2009
  • Elsevier are holding their first conference on human factors in information security in London on 22nd-24th February 2010. What's interesting is that it combines academic excellence and practical ...

  • Which is the best security blog?

    David Lacey 26 Nov 2009
  • Congratulations to Graham Cluley of Sophos who won the Computer Weekly 2009 best blog award. Congratulations to Computer weekly also for unselfishly excluding their own bloggers from the ...