Risk Management with Stuart King and Duncan Hart

August 2008

  • Man's 'pants' password is changed

    Stuart King - Reed Elsevier 31 Aug 2008
  • A bank that not only refuses to allow customers to have passwords deemed unacceptable but, more worryingly, allows it's employees to view customer passwords and change them seemingly at a whim. ...

  • Surfing Safer

    Stuart King - Reed Elsevier 29 Aug 2008
  • An acquaintance is one of a team developing a new website - Surfing Safer - providing practical advice on security to home and business users. It promises to be a useful companion to sites such as ...

  • New approach needed to tackle data loss

    Stuart King - Reed Elsevier 27 Aug 2008
  • We could do with having a time out in which to reconsider our approach to dealing with data loss. We're currently inundated with stories - the latest being about the PC purchased on eBay containing ...

  • Best Western and lessons for us all

    Stuart King - Reed Elsevier 26 Aug 2008
  • The actual scope of the Best Western data breach is open to speculation. The Sunday Herald scoop was that "stolen login details were..put up for sale and shared on an underground website operated ...

  • Best Western: speculation and denials

    Stuart King - Reed Elsevier 25 Aug 2008
  • Best Western have publicly refuted the story reported in the Sunday Herald and stated that "Claims reported about our Central Reservations customer records are not accurate" (read the full ...

  • 8 million victims in the world's biggest cyber heist

    Stuart King - Reed Elsevier 24 Aug 2008
  • AN INTERNATIONAL criminal gang has pulled off one of the most audacious cyber-crimes ever and stolen the identities of an estimated eight million people in a hacking raid that could ultimately net ...

  • Lost USB stick with sensitive Home Office data

    Stuart King - Reed Elsevier 22 Aug 2008
  • This latest data loss has it all (see http://news.bbc.co.uk/1/hi/uk/7575989.stm) - Unencrypted mobile senstive data (on a USB stick) - A third party vendor responsible for the data - A public ...

  • Don't forget to review the security of third party vendors

    Stuart King - Reed Elsevier 21 Aug 2008
  • A recurring theme of this blog is the importance of verifying the security of third party vendors. It was one of my top security topics for this year (see here) back in January where it was stated ...

  • Laptop Encryption: implement as standard?

    Stuart King - Reed Elsevier 20 Aug 2008
  • Is it still necessary to have to make a case to implement encryption on laptop computers or should we, by now, simply consider it to be normal practice? Seems like a question with a pretty obvious ...

  • NHS Trust lost diary with personal data

    Stuart King - Reed Elsevier 19 Aug 2008
  • An interesting data "breach" reported on the Breach Blog where a midwife's diary containing personal information on hundreds of new and expectant mothers has been lost from a Health Trust in ...

  • How not to prevent data theft

    Stuart King - Reed Elsevier 14 Aug 2008
  • There's some information available about how the insider fraud at Countrywide that I mentioned on this blog a few days ago was performed. See here. ...in an effort to prevent users from loading ...

  • Keeping the reports effective

    Stuart King - Reed Elsevier 13 Aug 2008
  • Security metrics and dashboards are on my mind at the moment. It's time to review the effectiveness of my regular reports to the board and work on keeping them effective and, most importantly, ...

  • Security fatigue and predictions for 2009

    Stuart King - Reed Elsevier 12 Aug 2008
  • A friend of mine, currently in the process of organising one of the hot conference events in the industry calendar for next year, was hypothesising yesterday about what the predominant information ...

  • Government loose lips on trains

    Stuart King - Reed Elsevier 11 Aug 2008
  • One thing that always amazes me is my teenage son's ability to navigate his way around complex computer games, quickly learn and master new tunes on his guitar, maintain six simultaneous instant ...

  • Anyone still think RFID passports are a good idea?

    Stuart King - Reed Elsevier 06 Aug 2008
  • Sometimes the most unlikely of my musings on this blog become big hits instantly attracting hundreds of page views, while others that I'll sit up considering into the early hours fail to draw the ...