Tag Archives: software engineering

CISOs Are Like Sheep to the Slaughter

– It took almost 10 years, but my claim that the role of the CISO is to take the blame when something goes awry, even if only marginally attributable to information security, has at last been substantially validated. Let’s scroll back to December 2004. I was a member of a panel of…

It’s About Time … Tamper-Proofing Aircraft Systems

– It took a while after the disappearance of flight MH370 and a series of harebrained conspiracy theories … a month in fact … before the necessity to tamper-proof avionics became a topic for discussion. For example, Andy Pasztor and Jon Ostrower wrote a piece in The Wall Street Journal…

Fail Safe, Fail Secure … Revisited

– In my December 10, 2012 BlogInfoSec column “Fail Safe, Fail Secure,” I recounted the horrific collision of two high-speed passenger trains in Wenzhou, China on July 23, 2011, which left 40 dead and 192 injured. The root cause of the accident was found to be flawed signal boxes, which lacked…

Where Are the AppSec Candidates?

– I recently gave a presentation at the 2013 IEEE LISAT (Long Island Science, Applications and Technology) Conference on “Mitigating the Risks of Cyber-Security Systems.” First, I pointed out the important differences in definitions of cyber-security systems … some (such as the National…

Fail Safe, Fail Secure

– There is a particularly harrowing article about the catastrophic train crash that occurred when two high-speed trains collided in Wenzhou, China on July 23, 2011. Evan Osnos’s article “Letter from China: Boss Rail – The disaster that exposed the underside of the boom,” which appeared in…