Info sec, AI and ethics – some thoughts #codemesh

I’m heading off to speak at the CodeMesh Conference in London shortly and I’ve been thinking about the emerging boundaries between information security, AI and ethics. I will post some thoughts as they evolve. Developers (and others) and ethical approaches We need to help everyone, from coders through info sec professionals to senior organisational leaders, to understand that information security, AI and ethics are part … Continue reading Info sec, AI and ethics – some thoughts #codemesh

Data governance and cybersecurity

The connection between data governance and cybersecurity might not be immediately apparent. But if one considers the ‘5 knows of cyber’, it becomes obvious that cybersecurity is all about data, and data is all about information, and we want information to be secure. I use the ‘5 knows’ as the foundation of our data governance framework, because it really helps people to understand why data … Continue reading Data governance and cybersecurity

Internet of Things and beyond: cyber-physical systems

The new industrial revolution is a cyber-physical systems revolution. The Internet of Things (IoT) forms a foundation for this cyber-physical systems revolution and it is driving the biggest shift in business and technology since World War II. Introduction “Cyber-physical systems (CPS) are physical and engineered systems whose operations are monitored, coordinated, controlled and integrated by a computing and communication core. Just as the internet transformed how humans interact … Continue reading Internet of Things and beyond: cyber-physical systems

Internet of things, data security and privacy

I’ve been attending the 36th International Conference of Privacy and Data Commissioners in Mauritius, presenting on the Internet of Things (IoT) privacy and security to the attendees. It has made me very conscious of the tension between privacy/security and the drive to bring products to market quickly. Further, it seems that the challenges of data protection have not been fully considered for many Internet of … Continue reading Internet of things, data security and privacy

6 Secrets of Highly Secure Organizations

A recent article in CSO Magazine (Vol. 1, No: 2 2004, p. 21 ff.) noted the 6 Secrets of Highly Secure Organizations. These organizations: 1) spend more on security 2) separate information security from IT 3) conduct pen tests 4) create a risk assessment process 5) define an overall security architecture 6) establish quarterly review process with metrics These are all fairly obvious things to … Continue reading 6 Secrets of Highly Secure Organizations

Good post on women in security

There is an interesting commentary on women in security on http://www.oneeyedcrow.net “Okay, rant time. In quick succession, the subject of women in the security field has come up several times this week. Many of the male security geeks I know have no idea why there aren’t more women in the field. Well, in a nutshell, this post and others like it are why. Pathetic script … Continue reading Good post on women in security