Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Category Archives: CSO/CISO Perspectives

Cybersecurity—Eliminating Vulnerabilities and Weaknesses at the Source: A Comparison with Malaria … and Ebola

– It has always bothered me that infosec professionals spend so much of their time chasing around after threats and vulnerabilities, many of which could have been avoided if only suitable requirements, design and hygiene had been observed at the outset. While this might seem like a simple concept,…

Heartbled and Shellshocked … What Can We Do?

– Well, it happened again. A serious security bug was found in a piece of open-source code called Bash, which is integrated into such ubiquitous software packages as Linux, Mac OS and Apache, and potentially Android. This time the bug, which is called Shellshock, has supposedly been lurking…

Beating Around the Proverbial Cybersecurity Bush

– If I’ve said it once, I’ve said it a thousand times … until we put real teeth into cybersecurity enforcement and insist upon serious personal legal consequences for those at the top, we won’t see improvement. We’ve beaten around the bush for far too long. How many more breaches,…

NASDAQ Hack and the Failure of InfoSec

– The front cover page of the July 21-27, 2014 issue of Bloomberg Businessweek magazine screams out “THE NASDAQ HACK.” The headline refers to the lead article by Michael Riley with the title “How Russian Hackers Stole the Nasdaq: It was easier than you think.” The article describes, in great…

A “Fluid and Pragmatic” Approach to Security

– It really is disheartening to read time after time about the inadequacies of the information security approaches upon which we so heavily depend. A brief interview of Moti Yung by Laura DiDio in the July 2014 issue of the Communications of the ACM is one such article. Dr. Yung is known for his…