David Laceys IT Security Blog

Recent Posts

  • A small step for the UK Government

    David Lacey 29 Nov 2011
  • Lots of people, even my neighbours and relatives, are asking me what I think about the UK Government's new National Cybersecurity Strategy. It certainly attracted a fair bit of surprising degree of ...

  • The Future is in fashion

    David Lacey 24 Nov 2011
  • As a regular conference speaker I'm always intrigued by which topics are in fashion and why. A few years ago it was outsourcing and cloud computing. More recently it's been the human factor. Lately ...

  • Six myths of risk assessment

    David Lacey 24 Nov 2011
  • I find it surprising that after more than 30 years of experimentation of risk assessment, many security practitioners continue to apply risk assessment in such a non-intuitive way. There seem to be ...

  • What tangled webs we weave

    David Lacey 18 Nov 2011
  • Twenty years ago I drafted a document that was intended to reduce the effort required in information security management. Two decades later it has produced the opposite effect. That document was ...

  • Security for small businesses

    David Lacey 08 Nov 2011
  • One of my January forecasts for 2011 was that the need to encourage small and medium enterprises to implement security would finally be tackled. Judging by the current amount of activity in this ...

  • Preaching in a security wilderness

    David Lacey 05 Nov 2011
  • Last week I was fortunate to be speaking at Cyprus Infosec 2011. It was a first class event with intelligent speakers, great debates and a smart audience. But yet again I seem to be the only ...

  • Information Security around the World

    David Lacey 31 Oct 2011
  • I spend a good deal of my time travelling around the world giving lectures and helping companies with consultancy. Last week I was in Amsterdam, the week before in Norway, and tomorrow I'm off to ...

  • Reflections on RSA Europe 2011

    David Lacey 15 Oct 2011
  • This week's RSA conference in London was an unusual blend of predictability and surprise. As usual the networking, programme and event management was first class, which is the main attraction for ...

  • Who influences security?

    David Lacey 10 Oct 2011
  • I was contacted last week by a company that specialises in harnessing influence. They claimed to be working for a top IT security solutions vendor and had identified me as a key "influencer" in the ...

  • Gene Schulz R.I.P.

    David Lacey 10 Oct 2011
  • I was deeply saddened last week to hear about the death of Gene Schulz. If a man is judged by the number of his admirers then Gene was a big man. (More than 730 people have signed the guest book on ...