ID Fraud, The Non-Violent Crime

Much gets said about ID fraud. Is it a victimless crime? Does it have links with violent crime? Amongst all the hype how do we differentiate between fact and fiction? So I was very interested to hear that Sir Jester had compiled a report on ID theft. I then spent half a day, bribing, threatening [...]

No Comments

Buying Commercial Software and securing it!

When faced with an automation requirement, there are two basic options: buy or build. If there is a commercial off-the-shelf (COTS) product that meets the requirement, buying off the shelf often seems like an easy decision.
COTS solutions can reduce development time, because components or applications can be purchased or licensed instead of being built from [...]

No Comments

Time To Take Action

The following is an email conversation UK Ltd had in March 2010:
From: Dave Griffin, Managing Director
To: Elaine Pearce, CISO; Richard Winston, IT Manager
Subject: No Access to Sensitive Data – No Excuses
Dear Elaine and Richard,
You know we’ve been discussing the Data Protection Act (DPA), well I’ve just heard that The Information Commissioner’s said he’ll impose a [...]

No Comments

The cloudy world of passwords

With the growth of social networking, online media consumption and cloud computing, every day millions of people log in to a variety of different sites using a username and password or PIN combination. However, over the last few months there have been a number of high-profile hacking attacks that have pointed to the inherent [...]

1 Comment

Do You Speak 2010 Geek?

The IT security industry loves its acronyms, why is anyone’s guess – maybe it’s a speed thing, perhaps it’s the whole idea of writing code or overcoming language barriers, I’ve even heard “it’s to do with saving bandwidth”, whatever! What I do know is it’s confusing for those on the outside to keep up when [...]

No Comments

Virtualized Security

Virtualization platforms are software. All software has flaws. Therefore, virtualization platforms have flaws. Simple logic, right? The major virtualization platform vendors, VMware, Xen (now Citrix), and Microsoft, have all had several vulnerabilities over the last few years. However, the major components of a virtualization infrastructure and the IT strategy related to deployment and maintenance [...]

No Comments

A New Approach to Enterprise Data Security

As enterprises seek to protect data from cybercriminals, internal theft or even accidental loss, encryption and key management have become increasingly important and proven weapons in the security arsenal for data stored in databases, files and applications, and for data in transit. No one needs to be reminded of the many high-profile, reputation-damaging and [...]

1 Comment

Mobile Security – Time For Action

The outbreak of potential data breach reports in the UK prompts obvious and inevitable questions: How can these things happen in the first place? How many more times is personal information lost without anyone’s acknowledgement and, some would argue most importantly, what can be done to secure the corporate defences?
Mobile computing allows individuals [...]

No Comments

Top 10 Reasons the Firewall Guy’s Hair is on Fire

The firewall is a mature technology, right? Then why do those who manage it feel like they’re running a daycare overrun with little savages?
Firewalls are a mature technology, right? Most companies have at least one, if not several. And since an established knowledge base exists to tap for issues and PCI DSS 1.1 and [...]

No Comments

The Confessions of a Chief Executive and his lost laptop

As the CTO of a data protection and encryption company I hear many a tale of woe as other CTOs and CEOs confess to me the stories of how various laptops within their companies have gone astray and the destruction these lost laptops have caused in their wake. With this in mind, here is [...]

1 Comment

A Good Samaritan

It happens in a moment – playing with my mobile before going into a meeting; I put it down for a moment and suddenly my host is standing in front of me. Two hours later I’m desperately searching for my phone. Rush back to reception but it’s not there. Here I am in Dubai and [...]

No Comments

The Path of Least Resistance

Childhood physics lessons always taught me that objects moving through a system followed the path of least resistance. Whether it is water running downhill, electricity running through a circuit or even weather systems travelling across a continent, this rule always rings true. As Security professionals, it should not then, come as a surprise, that [...]

No Comments

Bye Bye Baby

So the day is finally arriving. Our “baby” is getting married, the culmination of two years where we’ve seen him go through a different girl every week – or rather they went through him! – some which met with his mother’s approval and most who did not until finally he came home with the [...]

No Comments

Perception is Reality – not always

I recently decided to go out and upgrade my vehicle from a little panda to a monster XC90. I like to do my bit for the environment you see – and I don’t know about most of you, but I would be quite happy to not have to pay high energy bills to heat my [...]

No Comments

A Million English Words and IT security

Apparently we have hit the million word mark in English, according to some American organization that monitors such things. Now I know that most of you will probably be inclined to make some disparaging remark about Americans and the English language but it just goes to show that there’s probably about nine hundred and [...]

1 Comment

Fermat’s last theorem and the cynics first

I have always been impressed by the dedication of mathematicians to tirelessly push the boundaries of understanding and reasoning in both the abstract and real world. One famous problem that was recently solved (recently in the context of the history of mathematics) was Fermat’s Last Theorem (1637).
The Theorem states that no three positive [...]

No Comments

Why do infosec consultants move jobs?

Infosec professionals are sometimes caught in between two worlds. We’re not strictly IT people and we’re not really business people. I’d like to think that we take the best qualities from both worlds and combine them to make the perfect worker that any organisation could ever hope to employ.
Being a slightly different breed of [...]

1 Comment

Security challenges Italian Style

David eating spaghetti

Three years ago I bought a house in the south of Italy and since then I have been trying to immerse myself in the local culture. It recently occurred to me that actually there was a great deal of similarity between the nuances and national characteristics of Italy and the challenges faced by security [...]

3 Comments

Is Your Firewall A Fire Hazard?

With the economy taking quite a bashing and the housing market looking pretty miserable the question might be: Where is the silver lining? And I think I may have found it for those poor souls who have just seen their plans of moving to a new house dashed – you don’t have to tidy up! [...]

No Comments

Repenting of your seven deadly sins

SIN! SIN! Most people know sin. Whether you are religious or not, sin is a really useful concept that involves a wrong attitude toward your higher power and results in alienation from it. All major faiths, Islam, Christianity, Judaism have the concept. Even if you are not a believer, you have probably seen movies such [...]

No Comments