Risk Management with Stuart King and Duncan Hart

Recent Posts

  • My security department is not wasting its time

    Stuart King - Reed Elsevier 14 Feb 2008
  • There are two rules in information security. 1) Never assume, alway check 2) Just because you are right today doesn't necessarily mean that you will still be right tomorrow. Actually there are many ...

  • Thin client computing

    Stuart King - Reed Elsevier 13 Feb 2008
  • Whilst here in Brazil, I took the opportunity to provide some input for a local company looking to implement a thin client environment in place of their existing traditional desktop user network. ...

  • Travel Tales from Sao Paulo, Brazil

    Stuart King - Reed Elsevier 11 Feb 2008
  • Today I'm in Sao Paulo. It's a city that I was warned was a dangerous place before I came but which my colleague, Fabio, quickly put me right about on my arrival. His words of wisdom were that if I ...

  • Personal Web Mail Security Risks

    Stuart King - Reed Elsevier 11 Feb 2008
  • The debate drags on in various forums about the use and availability of personal webmail services such as those provided by Google and Yahoo from the office desktop. The questions being asked are: ...

  • Anti-Malware Testing Standards Organization

    Stuart King - Reed Elsevier 10 Feb 2008
  • More than 40 security software technologists and anti-malware testers from around the world recently met in Bilbao, Spain to formalize the charter of the Anti-Malware Testing Standards ...

  • One Step Closer to Internet Single Sign-On

    Stuart King - Reed Elsevier 09 Feb 2008
  • "Using your favourite websites and services could soon mean memorising far fewer passwords" according to this BBC News article. Microsoft first got involved with OpenID a little over a year ago. In ...

  • Think Tank on Social Networking

    Stuart King - Reed Elsevier 06 Feb 2008
  • I had a little chuckle to myself when I read the quote from the BCS in the Computer Weekly Security Think Tank on Social Networking. As a result of the strong human desire to connect, social ...

  • Availability and Security

    Stuart King - Reed Elsevier 05 Feb 2008
  • There's been some heated debate on various other blogs about whether or not availability is a valid part of a security program. This is all in response to an article for ITPro which makes the ...

  • Technical controls versus people and process

    Stuart King - Reed Elsevier 04 Feb 2008
  • Do you think that technical controls, or process and people management controls are most effective in preventing security incidents? It's easy to look at recent data loss events and make up your ...

  • PCI scanning

    Stuart King - Reed Elsevier 03 Feb 2008
  • This cartoon strip tells you all you need to know about how effective PCI security scanning really is... Originally posted by Mark Curphey.

  • Blindside Blog

    Stuart King - Reed Elsevier 03 Feb 2008
  • I came across the Blindside blog linked from GetSafeOnline it's sponsored by the UK Cabinet Office and contains some interesting posts. Read it here: http://www.blindside.org.uk/

  • Metrics - not quite there yet

    Stuart King - Reed Elsevier 03 Feb 2008
  • A couple of blogs ago, I discussed security metrics and described the information on my dashboard. One important point that I failed to make is that, given all the metrics, how vulnerable do we ...

  • Can Agile development be secure? Yes it can!

    Stuart King - Reed Elsevier 30 Jan 2008
  • Give me a pound for every development team I've heard saying that they use an "Agile" methodology and I'll be able to fulfil my planned dream of retiring to a small Greek Island where I'll spend my ...

  • Janet & John Security

    Stuart King - Reed Elsevier 26 Jan 2008
  • Two stories in the press demonstrate that the disgruntled or motivated employee remains a threat to be reckoned with. The first, of course, relates to the SocGen rogue trader. The second, on a ...

  • Security Metrics - Are we secure?

    Stuart King - Reed Elsevier 24 Jan 2008
  • It's crunch time and some facts and figures are needed to demonstrate security status to senior management. How are you going to do that? I've been working for a while on making sure that I have ...