The industrialisation of cyberwar and cyberespionage using techniques developed in the last decade of massive expansion in cybercrime has presented a serious challenge to the security industry. The myriad breaches, whether at the lulz end of the scale or at the national security end of the scale, has highlighted the…
Author: Phil
Cyberwar what is it good for? Absoutely nothing?
Cybersecurity is a very hot topic right now, for example: ยท A contact in the UK government agency responsible for government information security has reported anecdotally that they have had more ministerial visits in the last 12 months asking about cyber than in the last 10 years for any purpose.…
Zones of Trust
The key security design decision is the balance to be taken at every step of a system design between trust and inconvenience. For every system to system, subsystem to subsystem and component to component connection a decision must be made as to whether either side of the connection will trust…
How to develop a security test strategy, part three
This is the third in a series of posts describing how to put together a security testing stategy and the associated test plans. Part one is here and part two is here. This is what I want to see covered in security test plans. Whenever I ask the supplier to…
How to develop a security test strategy, part two
This is the second in a series of posts describing how to put together a security testing stategy and the associated test plans. Part one is here and part three is here. What do you need to write a security test plan? The folowing documents comprise the list of what…