Monthly Archives: February 2013

ContraRisk Security Podcast 0003: Security skills and certification

» Listen now on the podcast page » There simply aren’t enough properly trained security professionals to go round, according to a new report by professional body (ISC)². Its its sixth Global Information Security Workforce Study (GISWS) claims that the lack of skills isn’t just a security problem or a risk to organisations’ balance sheets and reputations when the inevitable attacks happen –… Read more »

ContraRisk Security Podcast 0002: keys, certificates and fast-changing websites

» Listen now on the podcast page » Keeping track of SSH keys and SSL certificates can be a real headache. Knowing who has access to what gets very complex when there are thousands of these things washing about in the organisation. A new report by the Ponemon Institute, sponsored by Venafi, has come up with some big, scary numbers in terms… Read more »

A proportionate response to hacking

Our legal attitudes to hacking and cyber-attack are in a mess, frankly. Often (and yes, America, I’m looking at you) they are wildly disproportionate to the damage done. And even when they’re not, the judiciary and the mainstream press seem unable to come to any settled opinion about what should be done about the hacker ‘menace’. There is a clear,… Read more »