Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Tag Archives: application security

Coding? OK … But Security? Ha!

– Bloomberg Businessweek did something amazing. It devoted an entire double issue (June 5-28, 2015) to computer programming. Paul Ford’s 38,000-word essay “The Code Issue” describes the origins and history of computer programming and programming languages with the intention of educating those…

Cyber Risk Bubble Babble

– Much has been written and said about the recurrence of a bubble in Internet stocks and its imminent bursting. Significant declines in some stock  prices have already taken place … as described in the article by Rolfe Winkler, Matt Jarzemsky and Evelyn Rusli, “Tech-Stock Drop Hits Startup…

Missed by NIST

– NIST (The National Institute of Standards and Technology) issued for comments a “Discussion Draft of the Preliminary Cybersecurity Framework” on August 28, 2013, available at www.nist.gov/itl/cyberframework.cfm The draft document is the result of the Presidential Executive Order (EO) on…

Where Are the AppSec Candidates?

– I recently gave a presentation at the 2013 IEEE LISAT (Long Island Science, Applications and Technology) Conference on “Mitigating the Risks of Cyber-Security Systems.” First, I pointed out the important differences in definitions of cyber-security systems … some (such as the National…

The (Sorry) State of Application Security

– In January 2011, research firm Forrester Consulting published a report, which was commissioned by Microsoft, with the title “State of Application Security: Immature Practices Fuel Inefficiencies, But Positive ROI Is Attainable.” The report is available for download at…