Risk Management with Stuart King and Duncan Hart

December 2006

  • What motivates a web site attack

    Stuart King - Reed Elsevier 27 Dec 2006
  • I hope everyone had/is having a good holiday. My only mishap has been to unwittingly deliver alcohol laced chocolates to my teetotal future inlaws. Fortunately it was taken in good humour and while ...

  • A pre-Christmas Saturday Soapbox

    Stuart King - Reed Elsevier 23 Dec 2006
  • It's nearly Christmas so I'm going to get my soapbox out again and comment on the news that for the national ID system information "will be held on three existing, separate databases" as reported ...

  • Perceptions are the key to mitigating risk

    Stuart King - Reed Elsevier 22 Dec 2006
  • How are you viewed within your organisation? Is Information Security seen as an automatic invitation to new project meetings and product reviews, or do peers try to avoid discussing things in too ...

  • It can happen anywhere

    Stuart King - Reed Elsevier 21 Dec 2006
  • The issue with the Hamley's website mis-pricing goods (see Computer Weekly 19 Dec) is the sort of embarrassing, costly, and totally avoidable sort of glitch that can be easily prevented through ...

  • VISA PCI Incentives

    Stuart King - Reed Elsevier 20 Dec 2006
  • A new VISA incentive program for payment providers (i.e. "acquiring financial institutions") caught my interest. You can read an article about it here. The essential detail is that for every ...

  • More on risk assessment

    Stuart King - Reed Elsevier 19 Dec 2006
  • A great example came up today of exactly what I was talking about in yesterdays blog. Some-one raised an issue with regards to our corporate Intranet and the fact that after performing a certain ...

  • Real world risk assessment - don't forget to consider costs

    Stuart King - Reed Elsevier 18 Dec 2006
  • There is risk attached to everything that we do. In most everyday situations we attach a value to risk using instinct and judgement based on experience. In business we need to be more precise: we ...

  • Saturday Soapbox

    Stuart King - Reed Elsevier 16 Dec 2006
  • Cryptogram is a monthly newsletter produced by security guru Bruce Schneier. I have a lot of respect for Bruce's writings, and he's been an influence on my own security views. Anyway, this isn't ...

  • Safeguarding data - it's all in the process

    Stuart King - Reed Elsevier 15 Dec 2006
  • David Lacy mentions in his latest blog that our ability to safeguard data depends upon "sensible application of well-established security technologies." I am in complete agreement and this remark ...

  • Regulatory Compliance - we need more detail

    Stuart King - Reed Elsevier 12 Dec 2006
  • What we need is clarity in the questions being asked and clarity as to what the acceptable solutions are. Then, for the consultants whom our businesses are being forced to pay, enough detail to ...

  • More on outsourcing: software development

    Stuart King - Reed Elsevier 12 Dec 2006
  • One of the many items I need to deal with is security relating to products being developed off-shore. The expectations of the businesses concerned is that the quality of the work being delivered ...

  • Perception of outsourcing

    Stuart King - Reed Elsevier 11 Dec 2006
  • Security relating to offshore data centers has been in the news lately. Indian call centers in particular have been the target of a good deal of negative attention such as this BBC report about a ...

  • Return on Security Investment

    Stuart King - Reed Elsevier 08 Dec 2006
  • Is it possible to demonstrate a return on investment for our security efforts? This is an aspect of security of particular interest and something I always consider to quite a degree when thinking ...

  • New software debate

    Stuart King - Reed Elsevier 06 Dec 2006
  • I've been involved in a debate today about iTunes. More to the point, about whether iTunes should be permitted installation onto a company owned PC. A colleague of mine was quite adamant in his ...

  • Passwords

    Stuart King - Reed Elsevier 05 Dec 2006
  • Passwords are on my mind today. First, I'm putting together some product security requirements so passwords are a consideration. Second, I was reading this article on BBC news regarding a report ...