Risk Management with Stuart King and Duncan Hart:

March, 2009


March 30, 2009  12:00 PM

Ranum’s Rant – Risk Takers and Security Disasters

sking2
Risk assessment

An interesting rant on Information Security from Marcus Ranum online here. I picked up on the following quote:

The security team explained why it was a bad idea; in fact they...

March 30, 2009  10:16 AM

GhostNet

dhart1
GhostNet

Loads of coverage of the GhostNet story at the weekend. The FT, NY Times,


March 24, 2009  11:15 AM

Far from smart phones

dhart1

Does anyone know of a smart phone or mobile device that enforces account and privilege separation?

It's been a long-held good practice to run user accounts with the least level of system privilege and only use admin accounts when you absolutely have to. The obvious danger is that if you're...


March 23, 2009  7:00 AM

Security, scale and functionality – Part 3: Functionality

dhart1
Functionality, Scale, Security

I love system functionality; it's a great thing. It brings a rich and dynamic user experience or empowerment through seamless processes to get things done. Whether it be business functionality or technical functionality, we now have more system functionality at our fingertips than we've ever...


March 21, 2009  7:19 PM

Top 5 information security annoyances – #2

sking2
security awareness

Few of my blogs have generated as much venom thrown in my direction as this one from last week. One blogger from America has gone so far as to write two very lengthy...



March 20, 2009  3:44 PM

Laptop with personal data stolen

sking2
Data breach, Third party vendors

Another third party vendor failing to implement decent security around sensitive data.

http://news.bbc.co.uk/1/hi/england/suffolk/7954393.stm


You've got to check out your vendors! The vendor might be at...


March 17, 2009  7:23 PM

BBC, BotNets and legal hacking

sking2
BBC, Botnet, Hackers

On Monday I remarked on the BBC Click botnet investigation. I slightly regret my post because, in fact, I think they did a great job in bringing to life the potency of botnets. Legalities aside, let's focus on the fact...


March 17, 2009  9:30 AM

Top 5 Information Security Annoyances

sking2
Compliance, PCI, Risk assessment, security awareness

I'm generally a tolerant and easygoing sort of person. There's a fairly short list of things that get my goat. For instance, our local doctor's surgery has a call queuing system with 6 different options. However, I know for a fact that there's only one person working...


March 16, 2009  9:30 AM

BBC violate Computer Misuse Act

sking2
BBC, Botnet

Software used to control thousands of home computers has been acquired online by the BBC as part of an investigation into global cyber crime.

The technology programme Click has demonstrated just how at risk PCs are of being taken over by...


March 16, 2009  9:19 AM

Security, scale and functionality – Part 2: Scale

dhart1
Functionality, Scale, Security

Scale, whether it is physical or logical, brings some interesting security challenges. The fundamental issues are oversight, assurance and misplaced trust.

Extended enterprises and supply chains are a contemporary case in point. With IT systems and processes integrated across traditional...

