Risk Management with Stuart King and Duncan Hart

February 2007

Dekstop AV - is Vista enough?
Stuart King - Reed Elsevier 28 Feb 2007

Do the anti-malware controls built into Windows Vista mean that we can begin to think about reducing the amount we spend on third party desktop AV products? Discuss! I'm sitting on the fence on ...

Risk appraisal and acceptance process
Stuart King - Reed Elsevier 26 Feb 2007

Today I've been trying to participate in a meeting where everyone except me is sitting in a building in Orlando. Unfortunately, for various reasons I wasn't able to travel over this week so it's a ...

Compliance and risk
Stuart King - Reed Elsevier 26 Feb 2007

I've been reading a good, common-sense, article entitled "Compliance Optimization: Defining The Right Level Of Control" written by Michael Rasmussen and published by Forrester. Michael states that ...

OWASP Testing Guide v2
Stuart King - Reed Elsevier 23 Feb 2007

I recommend that all of you involved in product development take note that OWASP have released v2 of the application testing guide. It's an excellent, detailed, easy to follow reference.

Scope of Information Security
Stuart King - Reed Elsevier 22 Feb 2007

There's an interesting article in the latest edition of Computers & Security Journal entitled "Information Lifecycle Security Risk Assessment: A tool for closing security gaps" by Ray Bernard. ...

Man on train displays password
Stuart King - Reed Elsevier 22 Feb 2007

Sitting next to me on the train yesterday was an employee of a large telecoms company. I know this from the ID badge he was wearing and the asset tag on his laptop. On the lid of his laptop was a ...

Importance of process
Stuart King - Reed Elsevier 21 Feb 2007

About 10 years ago I began a short contract working as a programmer for a bank. On beginning the role, my very first task was to read the programming standards manual. This was a custom written 400 ...

Marketing security
Stuart King - Reed Elsevier 20 Feb 2007

The comment left on my previous entry led me to an excellent blog at http://www.emergentchaos.com/. One of the contributors to that blog, Arthur, makes an interesting and very true point: "security ...

Threat modelling and risk ownership
Stuart King - Reed Elsevier 19 Feb 2007

I've spent a fair amount of time over the past year or so looking at threat modelling as it applies to the product space. Threat modelling is a time consuming process but it's an invaluable tool in ...

Colour blind
Stuart King - Reed Elsevier 18 Feb 2007

Sometimes the simplest things can make a difference. I was speaking to a group of Dutch product managers a few days ago, walking through a risk assessment process. The most important parts of the ...

Two factor authentication and PayPal
Stuart King - Reed Elsevier 15 Feb 2007

Has PayPal's introduction of a security token improved security (read the news item) and is this a lead to be following? Personally I believe that it is a positive move in the right direction. ...

Zero day attacks
Stuart King - Reed Elsevier 12 Feb 2007

A couple of years ago, I along with the team I worked with, assessed zero-day malware as potentially the biggest risk faced by our business. In fact I wrote up a white paper based on research I ...

DWP pension letter mix-up
Stuart King - Reed Elsevier 10 Feb 2007

Today in the news we see another example of a government department playing rough-shod over private data. You'll recall that last week we had the story about smart-cards being shared. Today we're ...

Portable wireless hacking device
Stuart King - Reed Elsevier 09 Feb 2007

Did you see this gadget, on show at the RSA Security Conference? It's a "a portable hacking device that can search for and join 802.11 (Wi-Fi) access points, scan other connections for open ports, ...

Risk Assessment Process
Stuart King - Reed Elsevier 08 Feb 2007

Somebody asked me if I'd put a bit more detail around some of the high level topics I cover in this blog. So I thought I'd talk a bit about the risk assessment processes that I follow. There are a ...

SearchCIO

Risk Management with Stuart King and Duncan Hart

February 2007

Dekstop AV - is Vista enough?

Risk appraisal and acceptance process

Compliance and risk

OWASP Testing Guide v2

Scope of Information Security

Man on train displays password

Importance of process

Marketing security

Threat modelling and risk ownership

Colour blind

Two factor authentication and PayPal

Zero day attacks

DWP pension letter mix-up

Portable wireless hacking device

Risk Assessment Process

SearchCIO

Parler sues AWS, seeks restraining order

Digital healthcare top priority for CIOs in 2021

C-suite execs give future technology predictions for the decade

SearchSecurity

What is the future of cybersecurity?

Tenable: Vulnerability disclosures skyrocketed over last 5 years

Select a customer IAM architecture to boost business, security

SearchNetworking

Cisco sweetens Acacia deal by $2 billion

SASE challenges include network security roles, product choice

Refreshing look at Wi-Fi 6 benefits, preparations

SearchDataCenter

Get a template to estimate server power consumption per rack

When the chips are down, Intel turns to VMware's Pat Gelsinger

Intel CEO Bob Swan to be replaced by VMware's Pat Gelsinger

SearchDataManagement

Informatica takes Customer 360 master data management to cloud

Graph database vs. relational database: Key differences

ScyllaDB NoSQL database to improve with Project Circe