Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Tag Archives: application security

Team Communications—Same Tune, Different Song

– There’s an interesting article in the September 2016 issue of the Communications of the ACM by Kate Matsudaira with the title “Bad Software Architecture Is a People Problem: When people don’t work well together they make bad decisions.” The article essentially describes many issues with…

Coding? OK … But Security? Ha!

– Bloomberg Businessweek did something amazing. It devoted an entire double issue (June 5-28, 2015) to computer programming. Paul Ford’s 38,000-word essay “The Code Issue” describes the origins and history of computer programming and programming languages with the intention of educating those…

Cyber Risk Bubble Babble

– Much has been written and said about the recurrence of a bubble in Internet stocks and its imminent bursting. Significant declines in some stock  prices have already taken place … as described in the article by Rolfe Winkler, Matt Jarzemsky and Evelyn Rusli, “Tech-Stock Drop Hits Startup…

Missed by NIST

– NIST (The National Institute of Standards and Technology) issued for comments a “Discussion Draft of the Preliminary Cybersecurity Framework” on August 28, 2013, available at www.nist.gov/itl/cyberframework.cfm The draft document is the result of the Presidential Executive Order (EO) on…

Where Are the AppSec Candidates?

– I recently gave a presentation at the 2013 IEEE LISAT (Long Island Science, Applications and Technology) Conference on “Mitigating the Risks of Cyber-Security Systems.” First, I pointed out the important differences in definitions of cyber-security systems … some (such as the National…