
Risk Management with Stuart King and Duncan Hart
Dealing with the operational challenges of information security and risk management.
October 2007
The 10 deadly sins of information security management
- Reed Elsevier 31 Oct 2007
As the winter nights begin to close in, the family gathers around the fireplace for warmth and we'll tell each other stories. My current favorite is an old one entitled "the 10 deadly sins of ...

$10million supermarket scam
- Reed Elsevier 30 Oct 2007
I've heard some words of indignation expressed at the invitation of Frank Abagnale to speak at this year's RSA conference. I understand the point of view - why should this convicted fraudster be ...

EDS & BSkyB - A lesson for us all
- Reed Elsevier 30 Oct 2007
A friend of mine has a cartoon strip on his desk where somebody asks "why are the two servers named Benson and Hedges?" The response is "Because that's what it said on the design document..." The ...

New PCI mandates
- Reed Elsevier 29 Oct 2007
Some new mandates from Visa released last week. Read the full bulletin here: https://www.computerworld.com/pdfs/Payment_Application%20Security_Mandates_9044159.pdf. Here's a summary

Consumer Products in Enterprise Networks
- Reed Elsevier 29 Oct 2007
How much risk is there associated with taking consumer products into our enterprise networks? Should we just say no? I think that to do so would not be a good strategic approach because many such ...

Data leaks - what can we do?
- Reed Elsevier 27 Oct 2007
I've been giving a lot of thought to the subject of data leakage and associated risks to the business. The problem we have right now is getting a handle on all the different vectors that data ...

Back to Earth
- Reed Elsevier 27 Oct 2007
In Futurama, Fry wakes up in the year 3000 and finds himself in a strange new world where the technology is baffling, yet exciting. That's sort of how I felt wandering around the Microsoft campus ...

Personality in Security
- Reed Elsevier 26 Oct 2007
A panel session at the RSA conference has suggested that "it is just as important to recruit on the basis of personality as it is to find someone with the right technical qualifications" for ...

AppExchange Update
- Reed Elsevier 25 Oct 2007
Thanks to James Penfold from SalesForce.com who has made me aware that there is an updated program relating to the AppExchange certification process I mentioned a couple of blogs ago. This can be ...

Opinion on the veto of AB779
- Reed Elsevier 25 Oct 2007
I wanted to take an opposing view to David Lacey's blog on California's veto of AB779 - the bill to make a version of the PCI standard into State law. David's view is that "in the absence of tough ...

SFDC - AppExchange Certification Process
- Reed Elsevier 25 Oct 2007
I was chatting to a techie from SalesForce.com a couple of evenings ago and questioning him about the processes in place for ensuring the security of applications posted on their AppExchange. It's ...

Microsoft Security Intelligence Report
- Reed Elsevier 25 Oct 2007
The Microsoft® Security Intelligence Report (January–June 2007) provides an in-depth perspective on the software vulnerabilities (both in Microsoft software and in third party software), software ...

Is security a "should" or a "must"
- Reed Elsevier 23 Oct 2007
From the book "Zen and the Art of Information Security" by Ira Winkler. When security is a should, people will tell you that security is secondary to business concerns. The security staff ...

Latest on application security
- Reed Elsevier 22 Oct 2007
I make no secret of the fact that my first interest in security is around the online product side of things. So easy to get completely wrong and the same old lessons are continually being relearnt. ...

More on ROI
- Reed Elsevier 21 Oct 2007
I wanted to follow on the same theme as my previous blog and look more at issues of justifying spending on information security. One of the difficulties might come from whether your organisation ...