Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Category Archives: CSO/CISO Perspectives

Security Metrics, Recency Bias and Availability Heuristics

– I “recently” came across an article by Tom Chatfield with the title “The Trouble with Big Data? It’s Called The ‘Recency Bias,’” which is available at http://www.bbc.com/future/story/20160605-the-trouble-with-big-data-its-called-the-recency-bias The article was published on June 5,…

Team Communications—Same Tune, Different Song

– There’s an interesting article in the September 2016 issue of the Communications of the ACM by Kate Matsudaira with the title “Bad Software Architecture Is a People Problem: When people don’t work well together they make bad decisions.” The article essentially describes many issues with…

Ron Ross and a “New” Approach to Cybersecurity

– No sooner had I finished my latest “Are We Secure?” piece than I read an August 23, 2016 article on Fedscoop by Shaun Waterman with the title “New Approach Needed to IT, Says NIST’s Top Cyber Scientist,” which you can find at…

Are We Secure? And Other Ridiculous Questions

– I would expect that practically every infosec professional has been asked at one time or another “Are we secure?” by non-technical senior executives. Technical executives know better than to ask the question. But what is an appropriate answer? If you say “Yes” you have assumed all…

Safety and the Airbag Supply Chain

– It came as quite a surprise to read that Toyota, Volkswagen, Fiat Chrysler, Mitsubishi and possibly other automakers “continue to sell new vehicles with defective Takata airbags” … see Hiroko Tabuchi’s article, “Airbags with Flaws Still Used in New Cars,” on the first Business Day page…