Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Category Archives: software engineering

Did Markey Miss the Mark on Vehicle Hacking?

– The staff of Edward J. Markey, U.S. Senator for Massachusetts, issued a report on February 10, 2015, called “Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk,” which is available at…

Putting Application Security into Context

– For some time now, I have wondered why InfoSec practitioners are paying so little attention to context with respect to application security and why InfoSec professionals and software safety engineers do not collaborate as much as they should. Then I read a column on the Op Ed page of The New York…

The Threat of Artificial Intelligence

– In a recent column I argued that general columnists, such as David Brooks, don’t understand enough about certain technologies, such as artificial intelligence (AI), to assess their impact properly. As a result AI is considered by the general public to be much more benign than some technologists…

Yet Another Case of Third-Party Breach Discovery

– On the front page of the Business Day section of The New York Times of November 1, 2014, is an article by Matthew Goldstein and Nicole Perlroth with the title “Luck Helped in Discovery of Breach at JPMorgan.” It never ceases to amaze me how few publicized data breaches are actually discovered…

Cybersecurity—Eliminating Vulnerabilities and Weaknesses at the Source: A Comparison with Malaria … and Ebola

– It has always bothered me that infosec professionals spend so much of their time chasing around after threats and vulnerabilities, many of which could have been avoided if only suitable requirements, design and hygiene had been observed at the outset. While this might seem like a simple concept,…