Loading ...
BlogInfoSec.com Sponsors
BlogInfoSec.com Partners
-
Recent Comments
- Navin on Why Information Security Professionals Should Learn Texas Hold ‘em Poker
- john doe on An Analysis of the Privacy Rights Clearinghouse “Chronology of Data Breaches” and Implications for Information Security Professionls (pt. 1)
- Adam Shostack on PCI DSS Position on Patching May Be Unjustified
- Jens Laundrup on PCI DSS Position on Patching May Be Unjustified
- Kris on Medical Identity Theft: Your Money or Your Life
Tags
agility algorithms application security assessment awareness Awareness / Education awareness instruction awareness training bloginfosec Annoucements Books on InfoSec breach incidents Budgeting for Security business continunity CIA triad CISO CISO savvy CISO skills COBIT Coding Securely / SDLC Conferences / Events / Meetups contingency plans counterfeit counterfeit equipment data breaches data breach notification laws data classification digital signature disaster recovery education Encryption end-point security equipment Exploit Code / Malware facebook fake FBI featured FFIEC Forensics / Incidents FUD Theater GLBA governance government Gramm-Leach-Bliley hackers hash HIPAA honeynet honeypot identity management identity theft IDM incident Industry Commentary Information security Interviews ISACA Jobs in Information Security Johnny Long KPMG leadership Legal & Regulatory Issues malicious insider malware metrics nation states network News Commentary No Tech Hacking OWASP Patching PCI Penetration Testing perimeter Phishing Policies and Procedures Privacy Privacy Rights Clearinghouse Reverse Engineering risk risk management ROI ROSI SB 1386 Security security awareness Security Breaches self-awareness Social Engineering soft skills Solutions / Workarounds SPAM spotlight successful behaviors Tools training Uncategorized Virtual Trust Viruses / Worms vulnerability assessment Vulnerability Commentary Vulnerability Disclosure Wireless Wireless Client Wireless Discussion Wireless Security Wireless Vulnerability Discussion
Perspectives of a Security Maverick written by Kenneth F. Belva
Kenneth F. Belva is the Publisher and Editor-in-Chief of bloginfosec.com. He currently manages an Information Technology Risk Management Program for a bank whose assets are Billions of dollars. He reports directly to the Senior Vice President and Deputy General Manager (CFO).
ITsecurity.com recognized him as one of the top information security influencers in 2007.
He is an advisor to the Board of Directors for the New York Metro Chapter of the Information Systems Security Association (ISSA). He was the Chair of the Public Relations Committee. In this role Mr. Belva was in charge of communication between the Chapter and other information security related professional organizations.
He has spoken and moderated at the United Nations as well as presented on AT&T’s Internet Security News Network (ISNN) on discovering unknown web application vulnerabilities as well as being interviewed on security enablement.
He recently co-authored a paper entitled “Creating Business Through Virtual Trust: How to Gain and Sustain a Competitive Advantage Using Information Security” with Sam Dekay of The Bank of New York. In 2005 he authored the contrarian paper: “How It’s Difficult to Ruin A Good Name: An Analysis of Reputation Risk” which was a leading paper on the impact of security breaches on stock prices.
He taught as an Adjunct Professor in the Business Computer Systems Department at the State University of New York at Farmingdale. Mr. Belva is credited by Microsoft and IBM for discovering vulnerabilities in their software. He is the author of the chapter “Encryption in XML” in Hackproofing XML published by Syngress.
Mr. Belva holds the Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) certifications and has passed the Certified Information Security Manager (CISM) exam.
Mr. Belva frequently presents at information security conferences around the country.
In addition to his professional responsibilities, he currently sits on the Board of Directors for Franklin and Marshall College’s Regional Alumni Council for the New York Metro area.
Could SPAM Sway the US Presidential Election?
July 10, 2008 – 6:00 am
–
Might the power of SPAM be able to change the course of US political elections? Could a SPAM disinformation campaign sway voters?
This scenario occurred to me after I received SPAM with the following headlines:
McCain suffers heart attack
Obama suffers setback in polls due to sex secrets
The…
Security Tidbits of Interest
June 30, 2008 – 10:00 am
–
Did you know that Al-qaeda uses PGP?
Analysts said that as-Sahab is outfitted with some of the best technology available. Editors and producers use ultralight Sony Vaio laptops and top-end video cameras. Files are protected using PGP, or Pretty Good Privacy, a virtually unbreakable form of…
In Praise of the Information Security Checklist
June 26, 2008 – 6:00 am
–
This is much anger and venom spit when the subject of the information security checklist is brought up. At one point in my career I looked at the checklist in disdain figuring that only people who do not understand the true depths of a subject relied on checklists as a crutch in place of…
Why Information Security Professionals Should Learn Texas Hold ‘em Poker
June 11, 2008 – 6:00 am
–
“Mathematics and psychology.” That’s poker (including Texas Hold ‘em) according to the legendary poker player Mike Caro. That could also describe the field of information security. In this column, while I’ll show some of the overlap between Texas Hold ‘em Poker…
Losing Friends on Facebook: A Privacy Story
May 22, 2008 – 6:00 am
–
Reconnecting with past friends and acquaintances, to me, is the primary value of Facebook. It is a simple way to establish ties to people you knew but lost touch with over the years. It’s a common experience on Facebook to befriend past best friends, people you’ve dated, and high…
