Risk Management with Stuart King and Duncan Hart
Recent Posts
-
Open University course on forensics
- Reed Elsevier 09 Oct 2008 -
Strategy and the business
- Reed Elsevier 07 Oct 2008 -
Incident response - practice makes ready
- Reed Elsevier 06 Oct 2008
Only a couple of weeks to go until I commence a new course through the Open University entitled Computer Forensics and Investigations. You can read more about what this course offers online here ...
Today it's time for my annual information security strategy review. Some of the activities discussed the last time around are now considered to be business as usual - that's a big tick in the right ...
It might surprise you to learn that I had no interest in security, computers or IT until I was well into my twenties. In fact I wanted to be a pilot in the RAF but failed the application process ...
-
Virgin Media data breach highlights the powers of the ICO
- Reed Elsevier 03 Oct 2008 -
Is IT Security dead?
- Reed Elsevier 01 Oct 2008 -
Chips and custard
- Reed Elsevier 29 Sep 2008 -
Breaking websites without touching the application
- Reed Elsevier 26 Sep 2008 -
Value of CISSP status
- Reed Elsevier 25 Sep 2008 -
BBC Mailing List Compromised
- Reed Elsevier 24 Sep 2008 -
Unauthorised software on the network
- Reed Elsevier 24 Sep 2008
The news that Virgin Media have experienced a data breach is not so interesting as the consequences (see full story here).On reporting the loss of a CD containing 3000 unencrypted customer records, ...
If the Gartner IT Security Summit is the best the industry has to offer, then IT Security is dead. I've come away from it not merely disappointed, but frustrated. Frustrated that I've been sitting ...
Two things that definately do not go together are chips and custard. Unless you're pregnant. Or from Belgium where I suppose it's not too far removed from smothering your frites with mayo. An old ...
Just as there is more than one way to skin a cat, there are many ways to break a web application. When I speak to developers and ask them if they are producing a secure system, the answer I'll get ...
It's been a while since I updated my CISSP certification with CPE credits. In fact, I've not even thought of it even though I've got plenty accumulated and was wondering why I continue to pay the ...
A point I frequently make is that it's not just the regulated and sensitive data sets that have value and require good control. Simple lists of email addresses and names also have value. No better ...
I spent a good part of a recent day discussing the reasons why I had instructed the removal of certain unauthorised software from a number of PCs on the company network. The arguments that came my ...
-
There's a hole in your network and you're not the first to know...
- Reed Elsevier 22 Sep 2008 -
Hypothetical situation: security incident or not?
- Reed Elsevier 19 Sep 2008 -
Information security is not recession proof
- Reed Elsevier 18 Sep 2008 -
Communication and the first law of security
- Reed Elsevier 16 Sep 2008 -
Cern Website Hacked
- Reed Elsevier 15 Sep 2008
In the words of the great poet, David Brent (from The Office), "If you can keep your head when all around you have lost theirs, then you probably haven't understood the seriousness of the ...
A friend and I were imagining the following hypothetical situation: somebody performs a change to a network service which subsequently (let's presume it's business critical) is out of action for an ...
I keep getting told how lucky I am to be doing a job perceived to be "recession proof." Personally I don't think this is the case. If the company were to go down then I doubt there would be much ...
Security makes for a great scapegoat. "We can't get access to the website" then blame security. "My computer is running too slow", blame all the security tools on it. "I can't get access to the ...
A website associated with the Large Hadron Collider (LHC) atom-smashing experiment at Cern has been hacked.A group of hackers called the GST, or Greek Security Team, has claimed responsibility for ...