information security Archive
Commonly accepted best practice on password security is that passwords should be complex, changed frequently and never written down. Password complexity (8 alphanumeric characters, case sensitivity plus special characters) increases the level of difficulty associated with cracking it; password change regularity …
I did a presentation earlier this week at NITES, in Ireland. My topic was data protection and governance. I took the opportunity to make a number of linked points: We already have data protection legislation in the EU and US; These …
Well, that’s a relief – the UK government has caught up with the fact that there are criminals on the Internet. The government has said that it will spend £7 million to establish the Police Central E-crime Unit (PCeU) in …
Given the increasing desire of businesses to be certified to ISO27001, risk assessment has emerged as an important skill for the infosec professional. While it is well-established in other areas, risk assessment is new to many in technology and requires …
More proof that the much vaunted convergence of information security and physical security is being made flesh: ‘Research from the Economist Intelligence Unit shows the number of CSOs taking ultimate responsibility for the security of a business has almost doubled …
Getting to grips with best practice information security and governance often involves a steep learning curve, and this is a challenge facing more and more people: as infosecurity and governance become increasingly mainstream topics, so a wider range of professionals …
SearchSecurity.com has published an interesting review of information security in 2006. ‘Looking back at 2006’ contains top security-related interviews of 2006, accessible in the form of a podcast. It’s a useful retrospective when considering 2007 and its upcoming challenges!
Confirmation from PricewaterhouseCoopers that small and medium-sized firms are underinvesting in IT security and suffering for it. PwC calls the difference in preparedness between large and smaller companies ‘a tale of two cities’, which seems pretty apt. As they say, …
The FSA Handbook sets out clear requirements for the management of information security within its regulated sectors. The requirements are best met by implementing and maintaining an ISMS that meets the ISO27001 standard – ISO27001-certification is clear evidence that the …