Risk Management with Stuart King and Duncan Hart:

February, 2008

February 29, 2008  4:01 PM

Cold Boot Encryption Hack – Follow Up

sking2 Profile: sking2
Data protection, Encryption

There's an interesting follow up piece to the blog I wrote a couple of days ago about the disk encryption hacks. Read it here. Russ Humphries argues a case as follows


February 29, 2008  1:42 PM

HMRC appoints 37 data guardians

sking2 Profile: sking2

From The Register

HM Revenue and Customs has appointed 37 staff to protect information, since it lost personal records on 25 million people last November. Each of HM Revenue and Customs' (HMRC) business units...

February 28, 2008  6:00 PM

Professional Accreditation – IISP

sking2 Profile: sking2
certification, CISSP, IISP

Today I can add a few more letters to my business card: M.Inst.ISP. Few of you will yet be familiar with what this stands for. It means Member of the Institute of Information Security Professionals and it signifies an endorsement of "knowledge, experience and professionalism" in...

February 27, 2008  5:00 AM

Risk assessment – a basket case

sking2 Profile: sking2
business case, Risk assessment

Risk assessment is a hazardous business. For instance, take the case of the town council that banned hanging baskets after they ruled there was a risk they could fall from lampposts and injure the public (see full story here). The...

February 25, 2008  4:45 PM

YouTube Outage – Consumerisation Risks Come Real

sking2 Profile: sking2

Those businesses who found a free/cheap consumer tool in YouTube on which to host their online video content will be feeling slightly less smug today in the wake of the outage attributed to Pakistan's blocking of the site and the subsequent ISP related mess. Read more about this news from the BBC...

February 24, 2008  7:00 AM

Real cost of a data breach

sking2 Profile: sking2
Compliance, Data breach, Data protection, PCI

A few days ago I was challenged over the effort and cost of protecting private data when, as has been observed, there often does not appear to be much in the way of actual impact to an organisation's share price or customer base subsequent to a data breach. Take TJX for instance, currently trading...

February 23, 2008  7:02 AM

Laptop Disk Encryption Vulnerabilities

sking2 Profile: sking2

There is lots of talk going around about the results of research showing that disk encryption, the standard approach to protecting sensitive data on laptops, can be defeated by relatively simple methods. More specifically the results...

February 23, 2008  7:00 AM

Google Hacking Tool Released

sking2 Profile: sking2

A new tool has been released to assist hackers in using Google to find website vulnerabilities. The tool is called Goolag and it simplifies the task of using the search engine to identify common weaknesses, misconfigurations, and files containing valuable information associated with a...

February 21, 2008  8:00 AM

Infosec Spain

sking2 Profile: sking2

It was my privilege yesterday to be invited to give a presentation in support of the Infosecurity Spain exhibition. This is a sister show to Infosecurity Europe and is due to be held in Madrid during June this year. My presentation was to a group of...

February 18, 2008  5:00 PM

Biometric security –

sking2 Profile: sking2

I signed up for the iris scanner service at Heathrow airport. The theory is that passing through passport control should now be a breeze because all you need do, once registered, is walk up to the scanning device and pass through security in an instant. Unfortunately, the scanner is proving to be...

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: