I work in a world of standards, opinions, controls and countermeasures, all encompassed in a foreign language of “InfoSec” and “ItSec”. This of course, while entertaining, is of little use to the world. I would like to propose a simple concept, probably high level, and I am sure my peers would argue is “inadequate”, that said however, hear me out: Continue reading “How Security Should Work”
PCI-DSS Is it dead?
First of all, legislation doesn’t die, it just becomes BAU. PCI is still a pain for most, but as a race, us Humans are fickle creatures who like our topics and news to be current, so the latest and greatest will always be at the top of the agenda. Continue reading “PCI-DSS Is it dead?”
Related Images:
IISP Top Gun event, Manchester, 30 June 2008
Courtesy of the Institute for Information Security Professionals
As I mentioned in the opening CEO article, the inaugural Top Gun event in Manchester was a great success on many fronts.ย We had 20 participants, organised into the Red and Blue teams, plus 5 members of the Control Team, and the day just seemed to fly past, so intense was the concentration, interaction, ingenuity and fun. Continue reading “IISP Top Gun event, Manchester, 30 June 2008”
Related Images:
Layered Security
The concept is simple, the more obstacles in the way the better. Let me abstract the concept for you…..
…..you put your file in a safe, I crack into the safe.
………you put your file in a safe, and lock the safe in a strong/secure room, I crack the room then the safe. Continue reading “Layered Security”