Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Tag Archives: cybersecurity

Cybersecurity—Eliminating Vulnerabilities and Weaknesses at the Source: A Comparison with Malaria … and Ebola

It has always bothered me that infosec professionals spend so much of their time chasing around after threats and vulnerabilities, many of which could have been avoided if only suitable requirements, design and hygiene had been observed at the outset. While this might seem like a simple concept,…

Beating Around the Proverbial Cybersecurity Bush

If I’ve said it once, I’ve said it a thousand times … until we put real teeth into cybersecurity enforcement and insist upon serious personal legal consequences for those at the top, we won’t see improvement. We’ve beaten around the bush for far too long. How many more breaches,…

Cybersecurity is Failing … per Spafford

Eugene Spafford, who is the highly regarded executive director of the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University, is well known for his outspokenness. This trait again came to the fore in a June 24, 2014 article “Security Expert:…

Executive Order on Cybersecurity … PDD 63 Déjà Vu

President Obama’s “Executive Order – Improving Critical Infrastructure Cybersecurity” … available at http://www.whitehouse.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity was a long time coming and, as my colleague Jason Healey pointed…

SEC-urity’s Catch 22

On October 13, 2011, the Division of Corporation Finance (DCF) of the Securities and Exchange Commission (SEC) issued CF Disclosure Guidance: Topic No. 2 – Cybersecurity, available at http://www.sec.gov/divisions/corpfin/guidance/cfguidance-topic2.htm. It provides the DCF’s “views…