Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Sense of Security written by C. Warren Axelrod

C. Warren Axelrod

C. Warren Axelrod is the Chief Privacy Officer and Business Information Security Officer for a financial services company, where he interfaces with the firm’s business units to identify and assess privacy and security risks and mitigate them, to have employees become familiar with security policies, standards, and procedures, and to ensure that they are followed.

Warren was honored with the prestigious Information Security Executive (ISE) Luminary Leadership Award 2007. He also received a Computerworld Premier 100 IT Leaders Award in 2003 and his department’s implementation of an intrusion detection system was given a Best in Class award.

He represented financial services information security interests at the Y2K command center in Washington, DC during the century date rollover. He is a founder of the FS/ISAC (Financial Services Information Sharing and Analysis Center) and served two terms on its Board of Managers. He testified at a Congressional Hearing in 2001 on cyber security.

Warren has published two books on computer management and numerous articles on a variety of information technology and information security topics, including computer and network security, contingency planning, and computer-related risks. His third book, “Outsourcing Information Security,” was published by Artech House in September 2004.

He holds a PhD in managerial economics from the Johnson Graduate School of Management at Cornell University and honors bachelors and masters degrees in electrical engineering, economics and statistics from the University of Glasgow, Scotland. He is certified as a CISSP and CISM.

Automobile Safety Systems ARE Subject to International Standards

– In all the discussions, which I have read in newspapers, or seen online and on television, about the Volkswagen “defeat device” software deception, there have been few, if any, references to international standards that should be applied to safety-critical systems in general and to automotive…

At Last! A Reporter Who Understands Cybersecurity

– We are bombarded with TV news, newspaper articles, blogs, comments, and the like, about cybersecurity. Most reporters seem to be in awe of the attackers (sophisticated criminals and nation states, for the most part) and sympathetic to the victims. After all, so it goes, the attackers are so clever…

Juiced Beetle Not a Bug – Intentional Malware

– An editorial column in the September 24, 2015 Wall Street Journal had the title “The VW Emission Bug.” The “defeat-device” software, which Volkswagen confirmed that they had installed in some of their diesel cars, certainly wasn’t a bug, as my October 5, 2015 BlogInfoSec column “When…

When is a Glitch Not a Glitch?

– … When it’s not a “minor malfunction” or “a minor problem that causes a temporary setback.” (per Webster’s dictionary). There was nothing minor about the four hours of downtime of an air traffic control system that caused a “major” disruption of military and civilian air…