The Attributer writes this just after the announcement by Yahoo that, back in 2014, “state-sponsored” hackers stole information from about 500 million users in what appears to be the largest publicly disclosed cyber-breach in history. What! And now you’re telling those users that they should “change their passwords”, some two years later. Isn’t that a bit late? Horses and stable […]
The Attributer’s Blog – Regression Planned
First reported in the Telegraph on 21st April 2016, and later by Channel Four News on 24th May 2016, was an incident affecting UK National Security that occurred during the previous year, on 13th June 2015. “Semaphore, the computer system that checks passengers on their way to the UK against watch lists of suspect individuals, had faltered after being flooded […]
The Attributer’s Blog – Exit-Ready
Sometimes an enterprise has to get out of some business arrangement for some reason. It may be something the business has been considering for some time and finally comes to a decision after some trigger event, or it may occasionally be a totally unexpected requirement to find a way out, triggered by an event totally unexpected or at least uncertain. […]
The Attributer’s Blog – Informed
An important aspect of good system design is that users should understand how the system works for their benefit. The attribute ‘informed’ is defined in the Big Blue Book of SABSA (Enterprise Security Architecture: A Business Driven Approach, Sherwood, Clark and Lynas) as follows: “The user should be kept fully informed about services, operating procedures, operational schedules, planned outages, and […]
Final Call for the 2016 SABSA World Congress
Join the international community of leading SABSA Practitioners and Masters at COSAC running from 2 – 6 October at the wonderful Killashee House near Naas, Ireland. The full programme for what is undoubtedly one of the world’s elite fully-residential security events has been announced at COSAC.net . Full information regarding packages and registration can be found on the COSAC website.