Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Category Archives: Information Security News

You Say “ISAC,” I Say “ISAO”

– The White House sponsored a “Summit on Cybersecurity and Consumer Protection” at Stanford University on Friday the 13th of February, 2015 to discuss privacy, data protection and public-private cyber-threat information sharing. They invited the CEOs of major companies. Google, Facebook, Amazon…

Artificial Ignorance

– On the Op-Ed page of The New York Times of October 3, 2014, David Brooks wrote a column titled “Our Machine Masters,” which discusses how “artificial intelligence” (AI) might be used for good or evil. His thoughts about AI were prompted by the Pandora feeding him suggestions as to what…

Heartbled and Shellshocked … What Can We Do?

– Well, it happened again. A serious security bug was found in a piece of open-source code called Bash, which is integrated into such ubiquitous software packages as Linux, Mac OS and Apache, and potentially Android. This time the bug, which is called Shellshock, has supposedly been lurking…

CISOs Are Like Sheep to the Slaughter

– It took almost 10 years, but my claim that the role of the CISO is to take the blame when something goes awry, even if only marginally attributable to information security, goes awry has at last been substantially validated. Let’s scroll back to December 2004. I was a member of a panel of…

Heartbleed Lessons – FST and Lab Certification

– There has been much written following the “discovery” of the Heartbleed bug that plagues OpenSSL … some informative, some constructive, some neither. Perhaps the most useful article to date is one published on April 18, 2014, which was written by Nicole Perlroth of The New York Times…