Category Archives: General

Supply Chains Mean (Cyber) War

– Author’s note: Since this column was originally written, another “scandal” broke around the use by third-party suppliers of North Korean gold, affecting such companies as Hewlett-Packard Co. and IBM, as described by Joel Schectman in the Risk & Compliance Journal section of The Wall…

Balancing Security, Privacy and Secrecy

– Recently, I read the National Security column, “We Need More Secrecy: Why government transparency can be the enemy of liberty,” by David Frum in the May 2014 issue of The Atlantic magazine. It reminded me that I had proposed adding the word “secrecy” to the title of a 2009 book that I…

Heartbleed, Open Source, and Internet Security

– On page A5 of the April 24, 2014 issue of The Wall Street Journal, there is a full-page “Paid Advertisement” with the title “Internet Security and Heartbleed.” The ad, which is in the form of a letter from Klaus Brandstätter, CEO of software company HOB, touts HOB-SSL as a replacement for…

My Heart-bleed[s] for Open Source and Monocultures

– To all supporters of ubiquitous open-source software … my sincere condolences. Who would have thought that the innocent mistake of a volunteer programmer trying to “improve” OpenSSL, and which was subsequently missed by a volunteer tester, would have led to what may turn out to have been…

It’s About Time … Tamper-Proofing Aircraft Systems

– It took a while after the disappearance of flight MH370 and a series of harebrained conspiracy theories … a month in fact … before the necessity to tamper-proof avionics became a topic for discussion. For example, Andy Pasztor and Jon Ostrower wrote a piece in The Wall Street Journal…