Risk Management with Stuart King and Duncan Hart

Dealing with the operational challenges of information security and risk management.

November 2006

  • Microsoft and Vista

    Stuart King - Reed Elsevier 30 Nov 2006
  • I like Microsoft. There you go, cards on the table. Let me be more specific: I think that the Trustworthy Computing initiative is simply the most important and valuable security resource that ...

  • Campaign for clear talking

    Stuart King - Reed Elsevier 29 Nov 2006
  • Much of today was spent leading a workshop session for product management people on the subject of security and risk. The session went well and one particular point of feedback resonated: it was ...

  • More on metrics

    Stuart King - Reed Elsevier 28 Nov 2006
  • I was reading David Lacey's latest blog entry with some interest. One of the challenges I'm currently faced with is to present an achievable and realistic set of objectives against which my ...

  • Process and Security

    Stuart King - Reed Elsevier 27 Nov 2006
  • More evidence presented itself today in support of my message that there is a demonstrable correlation between the security status of web products where development follows a formal process and ...

  • Security Certifications

    Stuart King - Reed Elsevier 26 Nov 2006
  • A couple of days ago I encountered a person whose business card made reference to no less than 5 different information security related certifications. Should I be impressed? The answer is simple: ...

  • Financial impact of security incidents

    Stuart King - Reed Elsevier 24 Nov 2006
  • I've been doing a lot of research into the actual and potential impact on a business of various types of security incident and trying to work out how the various statistical models and other data ...

  • Happy Thanksgiving (and more on vulnerability scanners)

    Stuart King - Reed Elsevier 23 Nov 2006
  • Happy Thanksgiving day! Many of my colleagues are American and so today should be a quiet one on the email front - although you can bet there will always be at least one of them sneaking a message ...

  • Application Firewalls

    Stuart King - Reed Elsevier 22 Nov 2006
  • I was re-reading the VISA CISP data security standards documentation and reminding myself firstly, of what an enjoyable read this is, and secondly of some of the recent new clauses put in to ...


    Stuart King - Reed Elsevier 21 Nov 2006
  • I want to take the opportunity to pay tribute to the work of the Open Web Application Security Project - OWASP. This project has now grown into an incredible wealth of online resources with a ...

  • Vulnerability Scanners

    Stuart King - Reed Elsevier 20 Nov 2006
  • I took a call from a vendor inviting me to test the latest version of some web product vulnerability testing software. I've recently been quite outspoken in my dislike for automated testing tools ...