I recently attended the East Midlands Cyber Crime Breakfast, where a panel of experts outlined what they saw as the principal cyber crime threats that were affecting organisations in the East Midlands. Continue reading “Top cyber crime threats to East Midlands businesses”
Tag: CESG
Why is my Password Too Long?
Dear Virgin Media
I recently decided it was time to change my password on my NTLWorld email account (managed by Virgin Media). I entered a new password only to be told “Password too long”. How long was my password? 11 characters. 10 characters are OK apparently. Continue reading “Why is my Password Too Long?”
How do you evaluate an Information Exchange Gateway solution?
How do you evaluate an Information Exchange Gateway solution? I’ve blogged previously on Cyber Matters about how Information Exchange Gateways (IEGs) need to be built in a flexible manner to meet a variety of customer requirements. The other big question from potential customers is how do they know that they can trust a solution? Continue reading “How do you evaluate an Information Exchange Gateway solution?”
5 Observations on Moving the Cyber Industry Forward
I had the pleasure of attending the SINET Global Cybersecurity Innovation Summit earlier this week. A very thought provoking event, with some great speakers.
Continue reading “5 Observations on Moving the Cyber Industry Forward”
Why do Staff Break Security Rules?
A recent report by Northumbria University for the Government Office for Science, strongly echoes research we at Nexor conducted in 2009 with Prof. Monica Whitty of the University of Leicester.
Continue reading “Why do Staff Break Security Rules?”
UK Government Security Classification Scheme
After nearly two years of planning, the new UK Government Security Classification system comes into operation this month. This will probably be accompanied by some articles from the doomsday brigade suggesting forecasting chaos and uncertainty; there are undoubtedly rough edges, but it’s important not to lose sight of the bigger cultural change at play…
Continue reading “UK Government Security Classification Scheme”
IACG: UK IA Community Map
As co-chair of the Information Assurance Collaboration Group (IACG), I have pleasure in announcing the latest update of the UK IA Community Map.
Continue reading “IACG: UK IA Community Map”
Booting Linux Securely
A report from Learning Tree “Linux Scores Highest in UK Government Security Assessment” has analysed the CESG set of reports on the security of end user devices, in which CESG assessed 11 operating systems. The Learning Tree report observed:
Of those, Linux got the best overall score
The report then looked at the criteria used to make this assess, and suggested:
As for Secure Boot, that has its serious detractors
Simple Information Assurance Maturity Model
A few months back I was tasked by the Nexor Board to carry out a fresh review of the cyber threat to our business and the maturity of our risk mitigations. We’ve had ISO 27001 for a many years across the business, and our audits all come up good, so I thought it should be easy. But how could I explain the results in a Board friendly manner?
Continue reading “Simple Information Assurance Maturity Model”
What is the difference between a Guard and a Gateway?
Guards and gateways are full application layer proxies that connect to two or more networks. They accept data passed on an inbound network interface, ‘process it’, and then pass data to the outbound network interface. The difference between the two is in the ‘process it’ step.
Continue reading “What is the difference between a Guard and a Gateway?”
Once Upon a Camayoc 