Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Category Archives: Risk Analysis

Algorithms and Risk Profiling

– I had begun this column a couple of months ago, but was diverted to other topics. What brought me back to the subject was a column by Sheelah Kolhatkar with the title “Higher Mathematics – Algorithm Blues” in “The Talk of the Town” section of The New Yorker of October 10, 2016. The…

Encryption and the Dark Side

– The saga continues … as it should and will. A front page article appeared in the May 17, 2016 issue of The New York Times, by Paul Mozur and Jane Perlez, with the title “Chinese Panel Quietly Grills Silicon Valley: Apple and Others Face Security Checks.” It describes the retaliation that was…

A “Fluid and Pragmatic” Approach to Security

– It really is disheartening to read time after time about the inadequacies of the information security approaches upon which we so heavily depend. A brief interview of Moti Yung by Laura DiDio in the July 2014 issue of the Communications of the ACM is one such article. Dr. Yung is known for his…

Supply Chains Mean (Cyber) War

– Author’s note: Since this column was originally written, another “scandal” broke around the use by third-party suppliers of North Korean gold, affecting such companies as Hewlett-Packard Co. and IBM, as described by Joel Schectman in the Risk & Compliance Journal section of The Wall…

Heartbleed Lessons – FST and Lab Certification

– There has been much written following the “discovery” of the Heartbleed bug that plagues OpenSSL … some informative, some constructive, some neither. Perhaps the most useful article to date is one published on April 18, 2014, which was written by Nicole Perlroth of The New York Times…