• I'm a GCFE. But Will I Use It?

    "> <figure class=" sqs-block-image-figure intrinsic " style="max-width:2074px;overflow:hidden;"> <div class="image-block-wrapper"> <div class="sqs-image-shape-container-element " … read more

  • One of Those Weeks

    Something is seriously wrong with my brain this week. Two incidents give cause for concern that I may have Frank Spencer syndrome: Incident 1 - over the weekend Rach asked me to have a look at the car because it wouldn't start. I got in it, turned the key and I got absolutely nothing from the … read more

  • Monster Password Issues

    This week, the massive online job site released a security notice that their database had been hacked, potentially releasing the personal details of millions of registered users. This isn't the first time this has happened, and I'm sure it won't be the last.Leave aside the fact that … read more

  • UK National Risk Register

    The UK Cabinet Office has now made public information from the previously classified UK National Risk Register. This is available at []( This seems to backup what many scientists have been … read more

  • Hacking in Canberra

    This week I've made my first visit to our nation's capital - Canberra - for a 6-day course in Hacker Techniques, Exploits and Incident Handling. Canberra is a strange little city. It seems to me to be a cross-between Washington and Milton Keynes, in that it's clearly a Government town; the Federal … read more

  • AusCERT 2008

    On Wednesday I attended AusCERT 2008. AusCERT is an annual conference for the IT Security industry organised by the Australian Computer Emergency Response Team. Held at the plush surroundings of the Crown Plaza Royal Pines Resort on the Gold Coast, the event is a chance for vendors such as Check … read more

  • Reported UK Data Losses - It's Worse Than You Think

    It comes as no surprise to me that we're seeing a lot of news reports lately regarding lost or stolen government laptops and removable media containing personal information. In the last week alone we've seen records of 600,00 people have been lost by the Royal Navy, as well as the loss of 4000 … read more

  • Am I speaking a different language?

    Here's an example of the kind of battle I have on a daily basis trying to get people into a security mindset: Me to Relationship Manager (RM): Can you please ask the client to complete the attached Business Impact Analysis (BIA) template so we can understand how valuable their data is in order to … read more

  • Update Checker

    I really like the new Filehippo Update Checker. It scans your installed applications and checks to see if you have the latest versions installed. This is important because it's not just your operating system that can contain security vulnerabilities that need patching - applications need patching … read more

  • TK Maxx security breach comes as no suprise

    The security breach at TJX, owners of TK Maxx, which has led to the disclosure of 45 million customer's credit and debit card information comes as no surprise to us in the IT Security community. Unlike banks, insurance companies and they're like who are regulated by the Financial Services Authority … read more

  • Security features in the new £20

    It may have the feel of monopoly money but apparently the security features built into the new £20 note are quite good. Here's a handy guide for checking for forgeries: read more