Risk Management with Stuart King and Duncan Hart:

October, 2007


October 31, 2007  6:00 AM

The 10 deadly sins of information security management

sking2
Compliance, risk, Security management

As the winter nights begin to close in, the family gathers around the fireplace for warmth and we'll tell each other stories. My current favorite is an old one entitled "the 10 deadly sins of information security management." This was written by Basie and Rossouw von Solms and published in...

October 30, 2007  6:00 PM

$10million supermarket scam

sking2
Misc

I've heard some words of indignation expressed at the invitation of Frank Abagnale to speak at this year's RSA conference. I understand the...


October 30, 2007  6:00 AM

EDS & BSkyB – A lesson for us all

sking2
Outsourcing, Project management

A friend of mine has a cartoon strip on his desk where somebody asks "why are the two servers named Benson and Hedges?" The response is "Because that's what it said on the design document..." The case in the


October 29, 2007  6:00 PM

New PCI mandates

sking2
PCI

Some new mandates from Visa released last week. Read the full bulletin here: http://www.computerworld.com/pdfs/Payment_Application%20Security_Mandates_9044159.pdf. Here's a summary


October 29, 2007  6:00 AM

Consumer Products in Enterprise Networks

sking2
Risk assessment, Skype, TCO

How much risk is there associated with taking consumer products into our enterprise networks? Should we just say no? I think that to do so would not be a good strategic approach because many such products such as MSN Messenger and Skype, for instance, are often "good enough" for what we want to be...


October 27, 2007  6:54 PM

Data leaks – what can we do?

sking2
Data Leakage

I've been giving a lot of thought to the subject of data leakage and associated risks to the business. The problem we have right now is getting a handle on all the different vectors through which data leakage can occur. Even when we do have a good idea of the scope of the subject there is probably little we...


October 27, 2007  8:00 AM

Back to Earth

sking2

In Futurama, Fry wakes up in the year 3000 and finds himself in a strange new world where the technology is baffling, yet exciting. That's sort of how I felt wandering around the Microsoft campus today as a guest of Mark Curphey. There are gadgets galore,...


October 26, 2007  6:00 AM

Personality in Security

sking2
CISSP, IISP

A panel session at the RSA conference has suggested that "it is just as important to recruit on the basis of personality as it is to find someone with the right technical qualifications" for information security jobs (See article in Computer Weekly


October 25, 2007  7:00 PM

AppExchange Update

sking2
AppExchange, SFDC

Thanks to James Penfold from SalesForce.com who has made me aware that there is an updated program relating to the AppExchange certification process I mentioned a couple of blogs ago. This can be accessed online here:


October 25, 2007  4:00 PM

Opinion on the veto of AB779

sking2
PCI

I wanted to take an opposing view to David Lacey's blog on...

