Archive for April, 2007

Are 50 Million People Safe from the Things THEY Care About?

April 27, 2007

Last night we took the evening off to prevent “repetitive startup syndrome”, a condition where you spend so much time at your desk that you find you can’t physically get off your chair due to muscle spasms. Along with two local pals, Alex and I went karting and then enjoyed a few glasses of local wine “Chez Franck”. Franck is a horticulturist/gardener and [...]

The ISM Community Revamp

April 25, 2007

A few months ago we launched the ISM Community. The aim was to create an online community similar to OWASP but focused on Information Security Management. There is no shortage of people wanting to participate, big companies (not vendors with agendas!) wanting to be actively involved, people ready to start meetings and crowds loitering but not [...]

3 Reasons Why Privacy is a Hot Topic For Me This Week

April 25, 2007

Firstly we had to write a privacy policy for the upcoming SourceClear.com web site. I must be honest and say that until now I haven’t had much of an appetite for the topic. If you grow up in the UK with speeding cameras everywhere, city cameras on every corner and even cameras in the toilets [...]

A New Firefox Zero Day

April 25, 2007

Great Start-up Tips from Istanbul

April 24, 2007

This is well worth a read for any entrepreneur.

Good Analysis on Breaches and Customer Loyalty

April 24, 2007

Some good analysis by Adam Shostack on breach loyalty at Emergent Chaos. I have long suspected that customer churn is really low but I didn’t expect quite such a steep incline if subsequent breaches occurred. I once saw a blog post by a security person saying they would not eat at Ruby Tuesdays because they had [...]

The Problem with Policies and Standards

April 24, 2007

Most people will agree that a well written, accessible set of policies and standards should be somewhere in the belly of all information security programs. At their very essence they help people understand what to do and how to do it. Despite some people’s pessimism, I believe most people want to do the right [...]

The Problem with Security Process

April 23, 2007

When you ask most security people if they have a process for something they will answer yes. When you ask them to describe or chart the process things tend to get more than a little cloudy.
Throughout our consulting careers we analyzed the root causes of the collective failures in security programs. The root cause is [...]

SourceClear Diary of a Startup - Week 3

April 21, 2007

Yes it’s Tuesday and I am manipulating the date stamp on the blog so it looks like this was posted last Friday. I told you I would be honest! Last week was incredibly busy and we learnt some good lessons.

Superhuman Activity is for Superhuman’s
.NET was the Right Choice
Tortoise and Hare Syndrome
AGILE Development and Product Management
Never Under [...]

ISM Community Top Ten - Training and Awareness is Key - Guest Post

April 16, 2007

Another guest article from Tim Smith (video here) to support the ISM Community Top Ten. Leave comments for Tim in the comments below!
Although this section is specific to Information Security Awareness training, it really stands true for whatever message you are trying to get across.
From an Information Security perspective though, having security policies is great, can’t [...]