Sergej Khackimullin - Fotolia

Risk Management with Stuart King and Duncan Hart

Dealing with the operational challenges of information security and risk management.

March 2007

  • A Saturday Comment

    Stuart King - Reed Elsevier 31 Mar 2007
  • I've noticed that no-one reads this blog on a Saturday which begs the question of why I'm writing anything. However, given the technology I could have actually written this last Tuesday and ...

  • Another laptop theft

    Stuart King - Reed Elsevier 28 Mar 2007
  • Yet another tale about a stolen laptop containing private data. Read all about it here: The healthcare authority concerned say they ...

  • Use of Skype

    Stuart King - Reed Elsevier 28 Mar 2007
  • The subject of Skype came up again. We've taken a pretty hard line against the use of this software on the corporate network and for good reason too in my opinion. Questions around fundamentals ...

  • Data Breaches Can Hit Anyone

    Stuart King - Reed Elsevier 27 Mar 2007
  • A timely reminder here that security breaches are not necessarily "just a problem of big name concerns."

  • Moving on...

    Stuart King - Reed Elsevier 26 Mar 2007
  • A change of employment and a relocation to warmer climes means that entries on this blog may become sporadic over the next few weeks. Change can be positive and I'm a strong believer in the ...

  • More on PCI - the audit guide

    Stuart King - Reed Elsevier 24 Mar 2007
  • Some excellent commentary from Mark Curphey on the subject of the PCI DSS over on his blog at The other element of the PCI DSS that is of concern is the Audit Procedures ...

  • How to get work in Information Security

    Stuart King - Reed Elsevier 22 Mar 2007
  • I was browsing through job listings looking for examples of advertised jobs within information security. A number of adverts had me scratching my head. Read this one then ask yourself: What is the ...

  • More on documenting security requirements

    Stuart King - Reed Elsevier 21 Mar 2007
  • I was involved in an interesting debate today around the value of documenting a good set of security requirements. The debate was the result of report written where it was stated that deficient ...

  • Developer training or an Application Firewall - you decide..

    Stuart King - Reed Elsevier 20 Mar 2007
  • If you had £20k to spend on web product security and could choose between training your team of developers in appropriate secure coding skills or purchasing an application firewall, which would you ...

  • RSA Anti-Fraud Service

    Stuart King - Reed Elsevier 20 Mar 2007
  • An interesting new service being offered by RSA:, The Security Division of EMC (NYSE: EMC), today announced it will launch its new RSA ...

  • ISO Certification

    Stuart King - Reed Elsevier 19 Mar 2007
  • In his blog entry, "The Importance of Closing the Loop", David Lacey talks about the importance of verifying that policies and standards are being followed and raises the topic of ISO ...

  • Security Awareness

    Stuart King - Reed Elsevier 16 Mar 2007
  • Get Safe Online is a British Government sponsored Internet safety guide. It's all good common sense advice and well worth a visit. I wonder how many people do because, as I noted a few days ago ...

  • Kids and the Internet

    Stuart King - Reed Elsevier 15 Mar 2007
  • I've been reading an interesting article, linked from Bruce Schneiers blog, about Internet usage entitled "Kids, the Internet, and the End of Privacy: The Greatest Generation Gap Since Rock and ...

  • Attackers, hackers, and the CMA

    Stuart King - Reed Elsevier 14 Mar 2007
  • Steve Gold's excellent blog at makes mention of the 12 month prison sentence handed out to one of the chaps who hacked into the LexisNexis Accurint database. I ...

  • Bank login procedures - soapbox

    Stuart King - Reed Elsevier 13 Mar 2007
  • First Direct bank here in the UK have managed to infuriate their online customers by enforcing an en-mass change of authentication credentials. Read all about it here: ...