The Weakest Link written by Allan Pomerantz

Allan Pomerantz

Allan Pomerantz is the Chief Information Security Officer for the Philadelphia Stock Exchange, the Nation’s oldest.

Allan is responsible for the creation and distribution of Information Security Policies approved by executive management. In addition, he conducts employee awareness and training programs which emphasize avoiding Social Engineering and Phishing Scams.

In conjunction with the various technical system administration units, he is also responsible for developing and implementing PHLX’s Defense in Depth Strategy, which involves hardware, software, policies, and education.

Allan holds the CISSP and CISM designations and is a member of ISSA and Infragard.

He is a graduate of Penn State University with an MBA from Drexel University.

E-Discovery: Stick ’em Up

– This column is not strictly about information security, although IS has a role to play. Rather, it covers a topic that should be of significant interest to the people normally concerned with IS – information technology, compliance, and especially the CFO and the CFO. First, a disclaimer. The…

Medical Identity Theft: Your Money or Your Life

– What could be worse than ID theft of your financial identity? After all, you could lose thousands of dollars, spend days on the phone with financial institutions, credit bureaus, and merchants. Your interest rates could climb on your credit card debt due to the practice of “universal default”…

The Password Dilemma: Improving the Mundane

– The weaknesses of passwords used for authentication and authorization are well known. In fact, many security experts feel that using a password as the only means of accomplishing these goals constitutes “worst practices.” As a result, some higher risk entities (banks, governments, etc.) are…

Human Fallout and the Security Impact of the Sub Prime Crisis

– By now everyone has heard of, or should I say felt, the impact of the Sub-prime crisis on the economy as a whole and on US financial institutions. In particular, the big banks have been affected by having to write off billions of dollars in losses. In order to help restore their balance sheets, these…

Intentional Security Blindness

– In previous columns I talked about two types of employees, contractors, and the like who could cause your organization harm through poor security practices resulting in loss of data, money, or trade secrets, etc. The first type were people who caused such losses inadvertently through security…