Joel Rosenblatt

Director of Computer and Network Security

Columbia University


Using Metrics to Improve Your Security Program – Part 2

Posted on: 08 Jan 2018

In my previous article, I tried to cover why metrics are an important part of your security program and some of my beliefs about how metrics should be created and…

Using Metrics to Improve Your Security Program

Posted on: 02 Jan 2018

So…you are responsible for the computer security of your organization. You probably have many great ideas on how to do this. You start looking around for products and services to…

Is Your Next Security Failure One Fat Finger Away?

Posted on: 12 Mar 2017

The first week of March in 2017 will be remembered as the time that AWS (Amazon Web Services) failed. The actual failure was in the Amazon Simple Storage Service (S3), but…

Hacking the Election – The Emperor’s New Clothes

Posted on: 31 Oct 2016

Normally, I would never talk about politics, and this story will not be an exception.  However, the analogy here is too good for me to pass up. Let’s say that…

What Happens When the Virtual World Becomes Real?

Posted on: 18 Aug 2016

I read an interesting article the other day about a talk at DEF CON – Thermostat Ransomware: A Glimpse into the Future of Crime in Cities It was about how the…

Going Down the Slippery Slope

Posted on: 29 Jun 2016

One of the most useful things to me in trying to secure an enterprise like Columbia University is information, and the more information, the better.  This means that for most…

Security: It’s Not the Speed that Kills

Posted on: 01 Jun 2016

My friend Randy Marchany tweeted a link to an article “Millennials Value Speed Over Security, Says Survey”  that started me thinking about the apparent conflict between speed and security.  If…

It’s the Data, Stupid

Posted on: 10 May 2016

I was looking at Facebook the other day (yes, I know – a security guy that uses Facebook – just wait until you have grandkids and a scary message appeared…

Security is Not a Thing

Posted on: 06 Apr 2016

This seems to be the time of year that everyone is holding a security conference.  I will be attending eight from January through the end of April (and speaking at…

First Sharknados, Now Cyber Pathogens – What’s Next?

Posted on: 05 Mar 2016

I guess it’s time to admit that I might be getting older.  When will the adults of the world take back the media and create a Bull S*** rating system. …