Accreditation – What was that?

In January 2015, the UK government’s ‘technical authority on information assurance’ (CESG) announced the end of the requirement for systems security accreditation. I remain a watcher of the British government’s way with information security. This goes back to my own work on accreditation, from the time when it was launched in the mid-90s up until […]

The last GASSP

Why can’t information security people all use the same terms of reference and speak a common language? This thought last came up for me when working to produce multiple-choice questions for an information security exam. My carefully worded ‘wrong’ choices (called ‘distractors’) as well as my correct choices all had to be backed by referenced […]