Who assigns the word “controversial”, “mandarin”, “tzar” and “bizarre” to a hot topic anyway? The general people, central government politicians or the British media? The media I would say so they have something to report on!
Government confusion/mixed messages
Sometime ago the prime minister and/or the home secretary was moaning about WhatsApp aiding terrorists and how they cannot crack it which I do not buy fully. Which brings up two thoughts. 1. Politicians not knowing what they are talking about - possible. 2. Politicians lying - hmm.
In 2010 the government opened the “The Cell” in Banbury, an evaluation centre for products. At first there were concerns about it and in 2015 it got a good bill of health with room for improvements of course. In April this year Theresa May approved a deal to use them and in May there are various concerns. Mixed messages from politicians to say the least.
QA Cyber Security Technical Consultant, Graeme Batsman, looks at Intrinsic vs. Extrinsic Project and Programme Management.
Over the last few years I have worked on different accounts from massive corporations to central government departments. Sadly, I have seen all sorts of amusing situations, for those of you that think poor security as amusing. One thing in common across most organisations, when it comes to poor security isn't necessarily the employee's lack of experience but more to do with poor management or you guessed it…. Something which makes the world go around….cash.
Numerous in house or externally managed projects/programmes get little/no security oversight let alone a Pen Test. A project/programme will have an overall Manager/Director, various leads and resources. Think about it, if a programme with a budget of tens of millions has 100 full time staff for three years, can't it afford 1-2 full time security resources? Unfortunately more often than not, this isn't the case resulting in the security versus project team staffing ration to be poor.
