Risk Management with Stuart King and Duncan Hart:

November, 2008

November 28, 2008  7:30 AM

India, outsourcing, and hospitality

sking2 Profile: sking2
Misc, Security management

The events in Mumbai are shocking and tragic. The scale of the attack and the apparent singling out of westerners is a wakeup call. Indian outsourcers such as Wipro and Infosys are, according to

November 25, 2008  9:00 AM

EURIM on Information Governance

sking2 Profile: sking2
Security management

I had the privilege yesterday to attend the EURIM Directors Roundtable on Information Governance. The purpose of the event was to identify "whether there is the will on the part of large organisations and...

November 24, 2008  9:30 AM

James Bond and Chinese Hackers

sking2 Profile: sking2

The story in the press alleging that Chinese computer hackers are attempting to gain access to state secrets (see "US Warned of China Cyber Spying") is not new by any means. Newspapers were reporting similar stories...

November 22, 2008  5:00 PM

Infosec risk assessments – uncertainty and opinion

sking2 Profile: sking2
Security management

One of the problems with information security and risk assessments is that we're really dealing with uncertainty rather than risk. There is a difference. You can estimate risk when you know the probability of an event. When it comes to information security there is a lack of valid data. Not...

November 19, 2008  7:45 AM

BNP Data Breach

sking2 Profile: sking2
Security management

The data breach suffered by the British National Party is a low-tech incident against which there is little defence. See http://news.bbc.co.uk/1/hi/uk/7736794.stm.

I have no personal sympathy for the BNP - and their politics are not...

November 18, 2008  10:06 PM

Malware hits London hospitals

sking2 Profile: sking2
malware, Network security

It's interesting to speculate how three seperate hospital computer systems have managed to simultaneously fall victim to malware. See http://news.bbc.co.uk/1/hi/england/london/7735502.stm. Given that the rest of us have not today...

November 18, 2008  9:00 AM

Do you know what you don’t know?

sking2 Profile: sking2
Security management

I've learnt the hard way that however much time gets assigned to a business unit security review, that you invariably step off the plane on arriving home and suddenly think of three more questions that you could or should have asked, or on getting back to the office the first...

November 17, 2008  12:30 PM

The first rule of Information Security

sking2 Profile: sking2
Security management

My first rule of Information Security has today been demonstrated to good effect to still hold true. The rule being: "If you don't check then it hasn't been done."

The somewhat related second rule of "people will tell the Security Director what they think he wants to hear" is also...

November 14, 2008  8:30 AM

Rambling on about risk assessment

sking2 Profile: sking2
Network security, Security management

I was reading with interest a two-part blog posting from Chris Hayes on his Risktical Ramblings site. It's a detailed and thorough run through of a risk assessment process. I actually think...

November 13, 2008  8:16 PM

A question of origin

sking2 Profile: sking2

My daughter's school (which she has attended for the past two years) has sent a questionnaire for me to complete for their records. They apparently need details of her ethnic origin and first language.

I've ticked the boxes indicating that she is a Romany/Gypsy with Hindi as her first...

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: