Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Sense of Security written by C. Warren Axelrod

C. Warren Axelrod

C. Warren Axelrod is the Chief Privacy Officer and Business Information Security Officer for a financial services company, where he interfaces with the firm’s business units to identify and assess privacy and security risks and mitigate them, to have employees become familiar with security policies, standards, and procedures, and to ensure that they are followed.

Warren was honored with the prestigious Information Security Executive (ISE) Luminary Leadership Award 2007. He also received a Computerworld Premier 100 IT Leaders Award in 2003 and his department’s implementation of an intrusion detection system was given a Best in Class award.

He represented financial services information security interests at the Y2K command center in Washington, DC during the century date rollover. He is a founder of the FS/ISAC (Financial Services Information Sharing and Analysis Center) and served two terms on its Board of Managers. He testified at a Congressional Hearing in 2001 on cyber security.

Warren has published two books on computer management and numerous articles on a variety of information technology and information security topics, including computer and network security, contingency planning, and computer-related risks. His third book, “Outsourcing Information Security,” was published by Artech House in September 2004.

He holds a PhD in managerial economics from the Johnson Graduate School of Management at Cornell University and honors bachelors and masters degrees in electrical engineering, economics and statistics from the University of Glasgow, Scotland. He is certified as a CISSP and CISM.

People Problems at the NYSE

– Recent newspaper articles tried to explain the 4-hour downtime on Wednesday, July 8, 2015, which was experienced by the New York Stock Exchange (NYSE) during the trading day. The knee-jerk reaction was that it was a coordinated cyber attack, since The Wall Street Journal home page and United…

Software Security Recall for Jeeps

– Author’s Note: This is a follow-up to my July 27, 2015 BlogInfoSec column “Jeep Hacked, Manufacturer ‘Dismayed.’” Fiat Chrysler’s recall of vehicles for security-related, versus safety-related, vulnerabilities is a very big deal and may pave the way for an entirely new approach to…

Jeep Hacked, Manufacturer “Dismayed”

– Dismayed? Is that as much emotion that Fiat Chrysler can muster when informed that their vehicles can be hacked remotely and many of the vehicle-control systems can be taken over by researchers Charlie Miller and Chris Valasek, including those systems that handle steering and braking (okay, right…

Data Masking: Good … Information Masking: Very Bad

– As we learn more and more about the huge data breach of the U.S. Office of Personnel Management (OPM), two aspects are grabbing everyone’s attention. One is the weakness of the security measures implemented by OPM and its contractors; the other is that senior management of OPM and purportedly…

Coding? OK … But Security? Ha!

– Bloomberg Businessweek did something amazing. It devoted an entire double issue (June 5-28, 2015) to computer programming. Paul Ford’s 38,000-word essay “The Code Issue” describes the origins and history of computer programming and programming languages with the intention of educating those…