In-House Software Development — Is it Worth the Risk?

Nowadays, data breaches are a subject of conversation at dinner tables and in boardrooms. Cyber insurance premiums to cover these breaches are skyrocketing. Recent surveys and breach reports have highlighted the challenges with software security. The 2015 Annual Verizon Data Breach Investigations Report points out that applications are the number one attack vector leading to…


What Is an Act of War?

I went to the Educause Security Professionals Conference last week. I have been going to this conference for many years and always take home something useful. This year, James Bamford, best known as an expert on the NSA, gave the keynote address. His talk was about how America has lost control of this secret and…


Booth Babes Banned at RSA – A CSO’s View

While I was unable to attend RSA this year, after reading Chenxi Wang’s LinkedIn post on ‘Booth Babes’, I have to say… It’s about damn time. To briefly recount a personal experience, several years ago, while walking this same Moscone floor, I was quite literally almost run over by a lycra-wearing ‘policewoman’ buzzing around the expo floor…


Truly Positive About True Negatives

Bayes’ Theorem essentially measures the degree of belief, or certainty, in something. The cybersecurity industry has been challenged with the idea of sensitivity and specificity for quite some time. In computer science this can be codified via binary classification (decision trees, Bayesian networks, support vector machines, neural networks). Many industry cybersecurity solutions will be relegated…
