Mike Rothman is President of independent research firm Securosis. His bold perspectives and
irreverent style are invaluable as companies determine effective strategies to grapple with the
dynamic security threatscape. Mike specializes in the "sexy" aspects of security, like protecting
networks and endpoints, security management, and compliance. After 20 years in and around security,
he’s one of the guys who “knows where the bodies are buried” in the security space. Mike published
“The Pragmatic CSO” in 2007 to introduce technically oriented security professionals to the nuances
of what is required to be a senior security professional.
Securosis Blog
Contributions from Mike Rothman, Contributor
- Any recommendations for recruiting information security pros?
- During a breach, how much information should be given out?
- What's the best way to get started mapping business processes to security frameworks?
- I am concerned that a former employee will utilize corporate information in a malicious way.
- Is it necessary to grant a full administrative privileges to a security administrator?
- Penetration testing: Helping your compliance efforts
- Is it important to hold fraud-training sessions during a fraud-risk analysis?
- My computer's serial number was reported stolen. Will I face legal repercussions?
- What criteria should I look for in a service provider to help my government agency comply with FISMA
- What are the possible benefits of microchip implants and RFID tags for employees?
- Worst practices: Recognizing the biggest compliance mis
- Is it against HIPAA regulations to permanently store sensitive information?
- Two-tier distributed systems vs. three-tier distributed systems
- How to prevent software piracy
- Does SOX provision email archiving?
- How would you meet PCI requirement 2.3 when it comes to terminal service or RDP sessions?
- Incident response success in five quick steps
- Is it against HIPAA regulations to print SSNs on an insurance card?
- How would you define the responsibilities of a data custodian in a bank?
- Has FFIEC made any VoIP-specific mandates?