Security Management Strategies for the CIO
Mike Rothman is President of independent research firm Securosis. His bold perspectives and
irreverent style are invaluable as companies determine effective strategies to grapple with the
dynamic security threatscape. Mike specializes in the "sexy" aspects of security, like protecting
networks and endpoints, security management, and compliance. After 20 years in and around security,
he’s one of the guys who “knows where the bodies are buried” in the security space. Mike published
“The Pragmatic CSO” in 2007 to introduce technically oriented security professionals to the nuances
of what is required to be a senior security professional. Securosis Blog
Contributions from Mike Rothman, Contributor
- Will an off-site employee exit procedure violate HIPAA regulations?
- Why you shouldn't wager the house on risk management mo
- Is it a violation of HIPAA to collect consumer Social Security numbers?
- How can a corporation assess the costs of whole-disk encryption?
- Industry experience vs. security certification credentials
- Who is responsible for handling security program development in an IT infrastructure?
- What are the security risks of a corporate divestiture?
- Protecting consumer data with a fraud and risk assessment policy
- How can I get my CISSP certification?
- What types of software can help a company perform a security risk assessment?
- Is encrypting cookies a PCI DSS requirement?
- Can a vendor be convinced to add security to its application development process?
- What are the proper procedures for handling a potential insider threat?
- Are senior level executives a target for social engineering attacks?
- Defining your security certification objective
- How to prevent audit-logging system from storing passwords?
- How to migrate from SAS 70 to ISO 27001
- COSO and COBIT: The value of compliance frameworks for
- Should PCI DSS auditors be subjective?
- Should all members of a security staff be involved in the risk assessment process?