Groundhog day as sensitive data lost in the post by government…again

I’ve said this before, but I’m going to say it again. By all means, worry about hackers – after all, they may be out to get you. Go ahead and buy that firewall; pay that technology company for their perimeter defence audit. Invest in anti-malware and anti-virus software. Have effective and tested plans in case … Continue reading Groundhog day as sensitive data lost in the post by government…again →

How good is your physical security?

There’s a great story I heard from a security trainer once, which I’ve shamelessly stolen and use in my own courses: A US corporation decides to introduce an ID badge policy, requiring all staff to wear their badges visibly at all times, and to challenge anyone seen walking around without a badge. Badges are issued, … Continue reading How good is your physical security? →

Is prevention better than cure?

A great deal of security writing is about preventing breaches. This seems pretty sensible at first glance – after all, isn’t that what security is? But when you think about it for a little longer, you begin to see some cracks. Let’s just remind ourselves that “cyber”-security is just part of an overall security picture. … Continue reading Is prevention better than cure? →