In Depth

In Depth

IT risk management

• Ministry of Defence security: IT information assurance in the MoD

  The MoD should update its information assurance policy, argues Paul Shanes and Chez Ciechanowicz in this Royal Hollo2way MSc thesis article.  Continue Reading

• Security Think Tank: What should businesses do to ensure their IT defences resist APTs?

  Security threat reports are increasing, identifying targeted and advanced, persistent threats (APTs) as top priorities for all organisations of all sizes and sectors. The reality of APTs has recently been demonstrated by the successful theft of ...  Continue Reading

• 2011 Royal Holloway information security thesis series

  This series of articles from recent MSc graduates of the Royal Holloway University of London grapples with a variety of information security topics.  Continue Reading

• Can data security be pinned down?

  Every organisation knows that information is one of its most valuable assets; increasingly so does anyone looking to exploit that information for their own ends, be they criminals, ex-employees with a grudge or Wikileaks-style whistleblowers - not ...  Continue Reading

• CW Security Think Tank: What’s holding up the cloud?

  CW Security Think Tank: Are security concerns and a lack of adequate risk assessment tools the reason SMEs are not adopting cloud computing, or is the real reason something else that security professionals are also in a good position to address?  Continue Reading

• Ranking the global cyberthreat, IT infrastructure risks

  What's the real threat of global cyberwar, and how vulnerable are IT infrastructures?  Continue Reading

• Uneasy feeling: Risk management for emerging types of security threats

  Calculating risk is never an exact science, particularly when new threat vectors are constantly emerging.  Continue Reading

• Smartphone risk: Does your corporate smartphone policy stack up?

  Many organisations that allow smartphones to access their networks are woefully under-aware of many of the risks.  Continue Reading

• Quocirca: Where to buy good IT security

  When should buyers rely on what is provided by infrastructure suppliers and when should they turn to IT specialists?  Continue Reading

• Who is responsible for blocking malvertisments?

  In February the London Stock Exchange (LSE) came under scrutiny when an advertisement carried on its website was blamed for distributing a virus.  Continue Reading

• Secure your SCADA architecture by separating networks

  Many critical national infrastructure systems include supervisory control and data acquisition (SCADA) functionality. These systems can be viewed as the set of software, computers and networks that provide remote co-ordination of controls systems ...  Continue Reading

• CW Security Think Tank: How to ensure the success of infosecurity projects

  What are the top reasons IT security projects fail, and what are the top reasons they succeed? What should information security professionals do -...  Continue Reading

• Is the UK in danger of squandering its IT talent?

  One of the dangers of the government's Tech City project was illustrated recently with the news that TweetDeck, one of the leading companies in east London's Silicon Roundabout tech cluster, was negotiating its sale to US-based UberMedia for $30m (...  Continue Reading

• Do UK IT professionals have the skills to help their companies implement cloud computing securely?

  Majority opinion is that skills are lacking John Colley MD EMEA, (ISC)2 An overwhelming majority of our members participating in the current edition of the (ISC)2 Global Information Security Workforce study have told us that the answer to this ...  Continue Reading

• Risk metrics: Measuring the effectiveness of an IT security control

  In this article, based on an MSc thesis by Jonathan Pagett and Siaw-Lynn Ng, learn how to use risk metrics to gauge the effectiveness of IT security controls.  Continue Reading