What can you learn from the Yahoo! hack?

So, Yahoo! has been hacked, and 500m records abstracted, allegedly by a “state-sponsored” agency. Apart from worrying what you might have kept on Yahoo!, and whether using the same password for your social media account and your bank account was really a good idea, what does this mean for you? First off it’s a reminder … Continue reading What can you learn from the Yahoo! hack? →

The importance of governance – a dozen good questions you should ask your Board

Information security is a Board issue. Not everyone seems to appreciate this, and one of the more disheartening aspects of my day job is how hard it is to get senior execs to take the time to have security awareness training and engage with security policy. Why is it a Board issue? Firstly because directors … Continue reading The importance of governance – a dozen good questions you should ask your Board →

It’s the end of the world as we know it

Possibly slightly melodramatic; mind you, I like the song. The world that’s ending is the brave, new and, above all, anonymous world of the untamed internet. What’s happened? European bureaucracy – what else? A shopkeeper in Munich offered a free, open-access WiFi point. The mechanised army of the MPAA found someone using that bandwidth to … Continue reading It’s the end of the world as we know it →

Plumbing the depths

Here I am, back from my hols, with a refreshed bright and breezy outlook. How long will it take for the reality of information security to bring me back down to earth, I wonder? Oh, look, it’s not even noon on my first day back and here’s an article showing a whole new way people … Continue reading Plumbing the depths →