I will be speaking at the SMi Group Cyber Defence 2010 (National Security in a Borderless World) conference, being held at the Swissôtel in Tallinn, Estonia from 17th – 18th May 2010. My talk is entitled “Why the Private Sector is Key to Cyber Defence”, and I will be covering:
- The private sector and critical national infrastructure
- Why is the sector key to cyber defence?
- Information sharing between private sectors and government
- Private sector support for cyber defence and investigations
- Lessons learned and how collaboration may be improved
Further information can be found on the SMi Group website:
I will be speaking at the BCS Information Security Specialist Group’s 11th Annual Legal Day, being held at the RAF Club, London on Friday 22nd January 2010. My talk is entitled “RIPA: Perception and Practice”, although I was tempted to title it “RIPA: Proportionality, Paranoia and Practice”, and the synopsis is:
“There has been much discussion in the media and elsewhere about the use and misuse of the powers granted to many public authorities under the Regulation of Investigatory Powers Act 2000 and associated legislation.
Stories about snooping on people for trying to get their children into a particular school or letting their dogs foul the street may make the front page, but they are not necessarily representative of how the powers are used in general.
Sure, they should lead to questions about the implementation and effectiveness of the necessity and proportionality tests that are a mandatory part of the legislation, but there may be greater things to concern ourselves with when law enforcement and the intelligence community wish to grow and extend the use of data retention, monitoring and surveillance.
This talk will give an overview of many years of practical experience and interactions with the public authorities authorised to seek access to information under RIPA, Part I, Chapters I & II.”
Further information can be found in the events section of the BCS ISSG website:
I was quoted by Sun Microsystems in an press release covering the launches of their Secure Data Retrieval Server (SDRS). I both helped with the initial development of this compliance solution and was an early user, leading to the UK’s first deployment compliant with the full scope of the EU Data Retention Directive (EU DRD) – fixed and mobile telephony, Internet access, e-mail and VoIP (and web-browsing, which is beyond EU DRD), although it was at the time done under the UK Voluntary Code for Data Retention.
The full press release is available online at: