Working in Sydney: updates from “Down Under”

It’s been about a week since I arrived in Sydney and it’s passed really quickly. I headed to Sydney on Sunday, July 6, via London, and will stay here for two weeks to work on an ISO 27001 security project that will extend to the beginning of 2009. The offices I’m working at, in Darling Park, are really nice, and the views over Darling Harbour simply awesome, as you can see below.

View over Darling Harbour

Now that my body is starting to recuperate from the 8-hour time difference, I’ve decided to upload a few pictures to the Photos area. There aren’t that many at the moment, but I’ll keep uploading more as I go.

Integrating ISO 17799 into your Software Development Lifecycle

I open the new Papers & Presentations section of this blog by posting my latest article, published in INSECURE Magazine: “Integrating ISO 17799 into your Software Development Lifecycle”.

In this paper, published in the 11th issue of INSECURE Magazine (May 2007), I explain how information security controls can be integrated into the Software Development Lifecycle (SDLC) using ISO/IEC 17799 (now ISO/IEC 27002). The article includes a summary table linking specific clauses in the standard to SDLC phases, starting from the risk assessment stage, prior to drawing up security requirements, and continuing right through development, testing and operations to system disposal at the end of its life.
