As the winter nights begin to close in, the family gathers around the fireplace for warmth and we'll tell each other stories. My current favorite is an old one entitled "the 10 deadly sins of information security management." This was written by Basie and Rossouw von Solms and published in...
|I've heard some words of indignation expressed at the invitation of Frank Abagnale to speak at this years RSA conference. I understand the...
October 30, 2007 6:00 AM Outsourcing, Project management
A friend of mine has a cartoon strip on his desk where somebody asks "why are the two servers named Benson and Hedges?" The response is "Because that's what it said on the design document..."
The case in the
October 29, 2007 6:00 PM PCI
Some new mandates from Visa released last week. Read the full bulletin here: http://www.computerworld.com/pdfs/Payment_Application%20Security_Mandates_9044159.pdf. Here's a summary
October 29, 2007 6:00 AM Risk assessment, Skype, TCO
How much risk is there associated with taking consumer products into our enterprise networks? Should we just say no? I think that to do so would not be a good strategic approach because many such products such as MSN Messenger and Skype, for instance, are often "good enough" for what we want to be...
October 27, 2007 6:54 PM Data Leakage
I've been giving a lot of thought to the subject of data leakage and associated risks to the business. The problem we have right now is getting a handle on all the different vectors that data leakage can occur. Even when we do have a good idea of the scope of the subject there is probably little we...
October 27, 2007 8:00 AM
In Futurama, Fry wakes up in the year 3000 and finds himself in a strange new world where the technology is baffling, yet exciting. That's sort of how I felt wandering around the Microsoft campus today as a guest of Mark Curphey. There are gadgets galore,...
October 26, 2007 6:00 AM CISSP, IISP
A panel session at the RSA conference has suggested that "it is just as important to recruit on the basis of personality as it is to find someone with the right technical qualifications" for information security jobs (See article in Computer Weekly
October 25, 2007 7:00 PM AppExchange, SFDC
Thanks to James Penfold from SalesForce.com who has made me aware that there is an updated program relating to the AppExchange certification process I mentioned a couple of blogs ago. This can be accessed online here: