David Laceys IT Security Blog

Recent Posts

  • Public policy on cyber security

    David Lacey 12 Aug 2009
  • Whatever your views about the current status and future prospects for public policy on cyber security, one thing is clear: we're heavily dependent on the mood at the top of US Government. Us ...

  • Context is King

    David Lacey 09 Aug 2009
  • I had a few comments from friends after my last posting on Adam Laurie's attack on the UK Identity card. Many missed the point. The issue is not whether it's possible to forge or modify an Identity ...

  • Who can you believe?

    David Lacey 08 Aug 2009
  • I was disturbed to read about Adam Laurie's claim that he successfully cloned and changed the data on a UK Identity Card. I was also concerned to read the Home Office response that "This story is ...

  • The convergence of information and physical security

    David Lacey 05 Aug 2009
  • I'm often asked for advice on organising security functions. One increasingly common question is should information and physical security be merged. I have lots of observations on that, having ...

  • In search of a cyber security czar

    David Lacey 04 Aug 2009
  • The Wall Street Journal reports that Melissa Hathaway has resigned from her role as acting US National Cyber Adviser. This is a role that calls for broad subject matter experience, first class ...

  • More of the same won't do

    David Lacey 02 Aug 2009
  • Symantec's share price dipped last week following profit and sales forecasts that fell short of analysts' estimates. The explanation from Enrique Salem, their CEO, was that companies were switching ...

  • Safeguarding the DNA of the Internet

    David Lacey 29 Jul 2009
  • A few postings ago I mentioned the growing importance of random acts of kindness by unsung heroes in rescuing or maintaining vital Internet services. Make no mistake; this is the future of ...

  • Both sides now

    David Lacey 27 Jul 2009
  • As Joni Mitchell might have put it, you can look at cloud computing from two sides now. On the one hand they can introduce a worrying uncertainty as to where your data is stored and who might have ...

  • Security and banks

    David Lacey 27 Jul 2009
  • According to recent research by Gartner, consumers regard security as the most important feature in online banking. That's a pretty obvious finding. Security is the cornerstone of banking. ...

  • Improving security in the clouds

    David Lacey 24 Jul 2009
  • A posting on Bruce Schneier's blog drew my attention to this interesting case study of how a hacker was able to gain access to the personal accounts of Twitter executives. There's nothing new here ...

  • Exploiting the power of networks

    David Lacey 23 Jul 2009
  • For several years I've been preaching that the key to effective security management is to harness the power of social networks to help identify risks and prevent or respond to incidents. My book ...

  • How many lost laptops can you justify?

    David Lacey 20 Jul 2009
  • I was interested to read the figures published last week about the number of laptops that went missing last year from government departments. I've been tracking this problem for the past decade and ...

  • Getting the basics right

    David Lacey 20 Jul 2009
  • This week's Economist includes an interesting feature on the failure of economics. It addresses three main critiques: that macro and financial economists helped cause the credit crisis, that they ...

  • Doing nothing is not an option

    David Lacey 18 Jul 2009
  • Erudine have just published the latest edition of Engine, their excellent technology magazine. The theme of this edition is 'Legacy Evolution' and it contains some excellent articles from CIOs, ...

  • Information security at the crossroads

    David Lacey 17 Jul 2009
  • Infosecurity have added a few more experts to their list of guest bloggers, including Howard Schmidt and myself. I've just posted a short article on the current status of information security ...