Risk Management with Stuart King and Duncan Hart

Recent Posts

• About the blog

  Michael Tidmarsh - Community Member 19 Apr 2016

Dealing with the operational challenges of information security and risk management.

• Did I miss anything?

  Duncan Hart 07 Sep 2009

Don't be alarmed, I am still alive! After a long absence I'm back after an unofficial hiatus. Past six months have been particular busy and it's been awhile, but that's always the risk of writing a ...

• They've all lost their mojo

  Stuart King - Reed Elsevier 21 Apr 2009

I'm currently recruiting a Security Director to replace me as I move on to pastures new. I must admit to being wholly underwhelmed by many of the CVs that have come my way and also rather upset by ...

• PCI at the House of Representatives

  Stuart King - Reed Elsevier 06 Apr 2009

From Computerworld.At a U.S. House of Representatives hearing yesterday, federal lawmakers and representatives of the retail industry challenged the effectiveness of the PCI rules, which are ...

• Ranums's Rant - Risk Takers and Security Disasters

  Stuart King - Reed Elsevier 30 Mar 2009

An interesting rant on Information Security from Marcus Ranum online here. I picked up on the following quote:The security team explained why it was a bad idea; in fact they wrote a brilliantly ...

• GhostNet

  Duncan Hart 30 Mar 2009

Loads of coverage of the GhostNet story at the weekend. The FT, NY Times, Sydney Morning Herald and BBC all highlight the Munk Centre for International Studies report on the cyber 'spying' network ...

• Far from smart phones

  Duncan Hart 24 Mar 2009

Does anyone know of a smart phone or mobile device that enforces account and privilege separation? It's been a long held good practice to run user accounts with least level of system privilege and ...

• Security, scale and functionality - Part 3: Functionality

  Duncan Hart 23 Mar 2009

I love system functionality, it's a great thing. It brings a rich and dynamic user experience or empowerment through seamless processes to get things done. Whether it be business functionality or ...

• Top 5 information security annoyances - #2

  Stuart King - Reed Elsevier 21 Mar 2009

Few of my blogs have generated so much venom to be thrown in my direction than this one from last week. One blogger from America has gone so far as to write two very lengthy pieces in response ...

• Laptop with personal data stolen

  Stuart King - Reed Elsevier 20 Mar 2009

Another third party vendor failing to implement decent security around sensitive data. http://news.bbc.co.uk/1/hi/england/suffolk/7954393.stmYou've got to check out your vendors! The vendor might ...

• BBC, BotNets and legal hacking

  Stuart King - Reed Elsevier 17 Mar 2009

On Monday I remarked on the BBC Click botnet investigation. I slightly regret my post because, in fact, I think they did a great job in bringing to life the potency of botnets. Legalities aside, ...

• Top 5 Information Security Annoyances

  Stuart King - Reed Elsevier 17 Mar 2009

I'm generally a tolerant and easy going sort of person. There's a fairly short list of things that get my goat. For instance, our local doctors surgery has a call queuing system with 6 different ...

• BBC violate Computer Misuse Act

  Stuart King - Reed Elsevier 16 Mar 2009

Software used to control thousands of home computers has been acquired online by the BBC as part of an investigation into global cyber crime. The technology programme Click has demonstrated just ...

• Security, scale and functionality - Part 2: Scale

  Duncan Hart 16 Mar 2009

Scale, whether it is physical or logical, brings some interesting security challenges. The fundamental issues are oversight, assurance and misplaced trust. Extended enterprises and supply chains ...

• Council staff face Facebook ban

  Stuart King - Reed Elsevier 11 Mar 2009

Hampshire County Council is threatening to block staff from using the social networking site Facebook. Bosses said they noticed an increase in use and during monitoring 46 employees were found to ...