Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Sense of Security written by C. Warren Axelrod

C. Warren Axelrod

C. Warren Axelrod is the Chief Privacy Officer and Business Information Security Officer for a financial services company, where he interfaces with the firm’s business units to identify and assess privacy and security risks and mitigate them, to have employees become familiar with security policies, standards, and procedures, and to ensure that they are followed.

Warren was honored with the prestigious Information Security Executive (ISE) Luminary Leadership Award 2007. He also received a Computerworld Premier 100 IT Leaders Award in 2003 and his department’s implementation of an intrusion detection system was given a Best in Class award.

He represented financial services information security interests at the Y2K command center in Washington, DC during the century date rollover. He is a founder of the FS/ISAC (Financial Services Information Sharing and Analysis Center) and served two terms on its Board of Managers. He testified at a Congressional Hearing in 2001 on cyber security.

Warren has published two books on computer management and numerous articles on a variety of information technology and information security topics, including computer and network security, contingency planning, and computer-related risks. His third book, “Outsourcing Information Security,” was published by Artech House in September 2004.

He holds a PhD in managerial economics from the Johnson Graduate School of Management at Cornell University and honors bachelors and masters degrees in electrical engineering, economics and statistics from the University of Glasgow, Scotland. He is certified as a CISSP and CISM.

AI Systems’ Security and Safety … A No-Brainer?

– The June 2017 issue of IEEE Spectrum is devoted to comparing AI (artificial intelligence) systems to the human brain. It is a special report containing eight articles under the umbrella of “Can We Copy the Brain?” We must ask whether this a reasonable endeavor? Will it give us a better…

Conflict vs. Consensus Cybersecurity Risk Models

– I gave a presentation at the end of April 2017 on “A Consensus Model for Optimizing Privacy, Secrecy, Security and Safety” at the IEEE Homeland Security Technology Conference. The topic occurred to me when reading a quote by Brookings Institute Fellow, Susan Hennessey, as follows: “We could…

Protecting In-Vehicle, Vehicle-to-Vehicle, and Ex-Vehicle Systems

– On May 5, 2017, I gave a presentation with the title “Cybersecurity in the Age of Autonomous Vehicles, Intelligent Traffic Controls and Pervasive Transportation Networks,” for which I was honored with the “Best Applications Track Paper” award, at the IEEE Long Island Systems, Applications…

Campaign Lessons Learned—Part 3: Authenticity, Authority and Access

– From the cybersecurity professionals’ point of view, identity and access management (IAM) is really all a matter of authenticity, authorization and access permissions. Similarly, if the origin of a news item or blog or comment can be traced to a provably authoritative source, then it is more…

Cybersecurity Risk Metrics … Why Don’t They Get It?

– The problem with cybersecurity is the metrics that are used to assess and manage security risks. In November 2008, I published an article “Accounting for Value and Uncertainty in Security Metrics,” in ISACA Journal, which subsequently won the 2009 Michael P. Cangemi Best Book/Best Article…