Risk Management with Stuart King and Duncan Hart

October 2007

  • Online identity - My space?

    Stuart King - Reed Elsevier 10 Oct 2007
  • In the news yesterday: A mystery impostor has posted false details about Miss England on a social networking site which she claims makes her sound "thick" and "tarty"....She said: "It is scary to ...

  • Discussion on the scope of Information Security

    Stuart King - Reed Elsevier 10 Oct 2007
  • What's in scope for Information Security? I discussed this topic earlier in the year (see my blog of Feb 22) where I asked the question "should information security just involve itself with ...

  • Botnets

    Stuart King - Reed Elsevier 09 Oct 2007
  • From "Killing Botnets" by Ken Baylor and Chris Brown of McAfee. A botnet of 1 million bots, with a conservative 128 Kbps broadband upload speed per infected bot, can wield a powerful 128 gigabits ...

  • Threat Expert

    Stuart King - Reed Elsevier 08 Oct 2007
  • An interesting resource that I read about here: http://www.vnunet.com/vnunet/news/2199328/security-experts-launch-tool Threat Expert is an advanced automated threat analysis system designed to ...

  • Storm Worm

    Stuart King - Reed Elsevier 08 Oct 2007
  • Malware remains a threat. The Storm Worm is one of the most threatening in recent times, and it continues to propogate. Bruce Schneier discusses it in detail here on Wired (thanks to David Lacey's ...

  • Information Security reporting lines

    Stuart King - Reed Elsevier 07 Oct 2007
  • The question of where Information Security should report into within the organisation has come up in discussion. There is little consistency within my industry contacts. One reports to the CIO, ...

  • How to make a nice cup of tea

    Stuart King - Reed Elsevier 07 Oct 2007
  • Forget BS7799 and ISO27001, the one we really need to know about is BS6008: "Tea — Preparation of liquor for use in sensory tests." This is a six page, 5000 word guide to how to make a cup of tea. ...

  • A view on security budgeting

    Stuart King - Reed Elsevier 06 Oct 2007
  • There's a lot of discussion out in the blogs about security budgeting. Mike Rothman compares security budgeting to "black magic", while Gunnar Peterson discusses a more practical (for most) ...

  • Project Management and Security

    Stuart King - Reed Elsevier 05 Oct 2007
  • Back in my days of military service I used to enjoy reading a regular aircrew magazine feature entitled "There I was at 30,000 feet." It was shaggy dog stories of hard learnt lessons where process ...

  • Getting to know you.

    Stuart King - Reed Elsevier 04 Oct 2007
  • I'm back from a new starters induction day. After six months in the company I was surprised to be invited along, but I'm glad I was. The day took the form of a team exercise where each team had to ...

  • Insecure code and automated testing

    Stuart King - Reed Elsevier 02 Oct 2007
  • There's an excellent and humourous article on OWASP on how to write insecure code. This is essential reading for all developers... To ensure an application is forever insecure, you have to think ...

  • Security Awareness - what you need to know

    Stuart King - Reed Elsevier 02 Oct 2007
  • October is American National Cyber Security Awareness Month. There is a great new strap-line of "Protect Yourself Before You Connect Yourself." It's all good advice and well worth reading through. ...

  • iPhone Updates

    Stuart King - Reed Elsevier 01 Oct 2007
  • Good read on Apple's update strategy for the iPhone here: http://www.emergentchaos.com/archives/2007/10/apples_update_strategy_is_1.htmlAnd so what Apple is doing has an important side effect: ...