Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

The Weakest Link written by Allan Pomerantz

Allan Pomerantz

Allan Pomerantz is the Chief Information Security Officer for the Philadelphia Stock Exchange, the Nation’s oldest.

Allan is responsible for the creation and distribution of Information Security Policies approved by executive management. In addition, he conducts employee awareness and training programs which emphasize avoiding Social Engineering and Phishing Scams.

In addition, in conjunction with the various technical system administration units, he is responsible for developing and implementing PHLX’s Defense in Depth Strategy which involves hardware, software, policies, and education.

Allan holds the CISSP and CISM designations and is a member of ISSA and Infragard.

He is a graduate of Penn State University with an MBA from Drexel University.

E-Discovery: Stick ‘em Up

July 17, 2008 – 6:00 am – This column is not strictly about information security, although IS has a role to play. Rather, it is covers a topic that should be of significant interest to the people normally concerned with IS – information technology, compliance, and especially the CFO and the CFO. First, a disclaimer. The…
Posted in General | Tagged , , , , , | Comments (0)

Medical Identity Theft: Your Money or Your Life

June 19, 2008 – 6:00 am – What could be worse than ID theft of your financial identity? After all, you could lose thousands of dollars, spend days on the phone with financial institutions, credit bureaus, and merchants. Your interest rates could climb on your credit card debt due to the practice of “universal default”…
Posted in Cybercrime | Tagged , , | Comments (1)

The Password Dilemema: Improving the Mundane

May 27, 2008 – 6:00 am – The weaknesses of passwords used for authentication and authorization are well known. In fact, many security experts feel that using a password as the only means of accomplishing these goals constitute “worst practices.” As a result, some higher risk entities (banks, governments, etc.) are…
Posted in General, Human Elements | Tagged , , | Comments (0)

Human Fallout and the Security Impact of the Sub Prime Crisis

May 13, 2008 – 6:00 am – By now everyone heard of, or should I say felt, the impact of the Sub-prime crises on the economy as a whole and on US financial institutions. In particular, the big banks have been affected by having to write off billions of dollars in losses. In order to help restore their balance sheets, these…
Posted in General | Tagged , , , | Comments (1)

Intentional Security Blindness

April 29, 2008 – 6:00 am – In previous columns I talked about two types of employees, contractors, and the like who could cause your organization harm through poor security practices resulting in loss of data, money, or trade secrets, etc. The first type were people who caused such losses inadvertently through security…
Posted in CSO/CISO Perspectives, Human Elements, Information Security News | Tagged , , | Comments (2)