Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Category Archives: CSO/CISO Perspectives

Balancing Security, Privacy and Secrecy

– Recently, I read the National Security column, “We Need More Secrecy: Why government transparency can be the enemy of liberty,” by David Frum in the May 2014 issue of The Atlantic magazine. It reminded me that I had proposed adding the word “secrecy” to the title of a 2009 book that I…

Cyber Risk Bubble Babble

– Much has been written and said about the recurrence of a bubble in Internet stocks and its imminent bursting. Significant declines in some stock  prices have already taken place … as described in the article by Rolfe Winkler, Matt Jarzemsky and Evelyn Rusli, “Tech-Stock Drop Hits Startup…

Aviation Security

– The loss of the Malaysia Airlines Boeing 777 flight MH370 has raised general interest in the issue of aircraft system security in addition to the usual focus on aircraft safety. While I did spend some time on the security of avionics in my book “Engineering Safe and Secure Software Systems”…

Heartbleed Lessons – FST and Lab Certification

– There has been much written following the “discovery” of the Heartbleed bug that plagues OpenSSL … some informative, some constructive, some neither. Perhaps the most useful article to date is one published on April 18, 2014, which was written by Nicole Perlroth of The New York Times…

Heartbleed, Open Source, and Internet Security

– On page A5 of the April 24, 2014 issue of The Wall Street Journal, there is a full page “Paid Advertisement” with the title “Internet Security and Heartbleed.” The ad, which is in the form of a letter from Klaus Brandstätter, CEO of software company HOB, touts HOB-SSL as a replacement for…