Security Policy Framework Compliance Checklist – available for download.
As previously mentioned, we have updated the SPF Compliance Checklist to make it suitable for use with Version 7 of the Security Policy Framework released a few weeks ago. The…
Updated Security Policy Framework – UK Government Security Standard
The UK Government has released an updated version of the Security Policy Framework (version 7) which reflects changing opinions on the best way to manage security risks within Government. The…
GCHQ chief reports ‘disturbing’ cyber-attacks on UK
As reported on the BBC news today, the head of the UK signals intelligence organisation - GCHQ - is concerned over the rising number of attacks on UK businesses. From…
Security Measurement and Control
One of the most challenging part of building security into your organisation - or even just improving your existing security - is determining how you will measure the effectiveness of…
Security Risk Management – Protecting your business
Security risk management is, as we frequently say, important for every organisation. For most businesses it can be a make or break issue and, in lots of industries, there are…
Security Risk Management and Risk Response Options
Proper management of risk is essential to every organisation. Although frequently seen in a negative light, risk is simply an uncertainty of outcome and routinely accompanies new opportunities. Poor risk…
Hospital loses 800 patient’s data
A report has apparently revealed that the East Surrey Hospital has lost an unencrypted USB drive containing the details of 800 patients. According to the Crawley Observer, this data included details such…
Employee Owned Devices
It is difficult for any enterprise level IT hardware supply to keep up with the trend for new, shiny, consumer devices. Most businesses have a multi-year cycle of purchasing assets,…
Hacked out of business?
Most businesses understand that security is important but, as we discussed in a previous post (How do you measure the value of Information Security?) there is a tendency for owners…
Security Investigations, an essential tool
Security always fails at some point. No matter what you do, the bad guys will eventually manage to get past something. Sadly, this is inevitable. The best employee screening program…
How do you measure the value of security?
For lots of people and businesses of all sizes, security is viewed as something which is an unfortunate cost that simply has to be tolerated. In effect, this gives rise…
Risk Management and Measurement
Security is built upon the bedrock of risk management, but this is frequently overlooked and instead things are left to chance. Every activity carries risk and nothing can ever provide…
Security Policy – Essential first step
Security is important. Security underpins pretty much every activity you are engaged in - be it at work or at home. From a business perspective, security can be the difference…
Testing for Insecure Passwords
Despite recent popular opinion and some well publicised hacks involving them, passwords are not intrinsically weak. When used properly, they are a perfectly good, single factor, method of authentication. The important part…
Cloud Security – Uncrackable Encryption?
Cloud computing is frequently presented as the future of how will interact with our data. More and more systems are moving to the various service routes, from software (such as…