Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Category Archives: General

A “Fluid and Pragmatic” Approach to Security

– It really is disheartening to read time after time about the inadequacies of the information security approaches upon which we so heavily depend. A brief interview of Moti Yung by Laura DiDio in the July 2014 issue of the Communications of the ACM is one such article. Dr. Yung is known for his…

Supply Chains Mean (Cyber) War

– Author’s note: Since this column was originally written, another “scandal” broke around the use by third-party suppliers of North Korean gold, affecting such companies as Hewlett-Packard Co. and IBM, as described by Joel Schectman in the Risk & Compliance Journal section of The Wall…

Balancing Security, Privacy and Secrecy

– Recently, I read the National Security column, “We Need More Secrecy: Why government transparency can be the enemy of liberty,” by David Frum in the May 2014 issue of The Atlantic magazine. It reminded me that I had proposed adding the word “secrecy” to the title of a 2009 book that I…

Heartbleed, Open Source, and Internet Security

– On page A5 of the April 24, 2014 issue of The Wall Street Journal, there is a full page “Paid Advertisement” with the title “Internet Security and Heartbleed.” The ad, which is in the form of a letter from Klaus Brandstätter, CEO of software company HOB, touts HOB-SSL as a replacement for…

My Heart-bleed[s] for Open Source and Monocultures

– To all supporters of ubiquitous open-source software … my sincere condolences. Who would have thought that the innocent mistake of a volunteer programmer trying to “improve” OpenSSL, and which was subsequently missed by a volunteer tester, would have led to what may turn out to have been…