Mike Rothman is President of independent research firm Securosis. His bold perspectives and
irreverent style are invaluable as companies determine effective strategies to grapple with the
dynamic security threatscape. Mike specializes in the "sexy" aspects of security, like protecting
networks and endpoints, security management, and compliance. After 20 years in and around security,
he’s one of the guys who “knows where the bodies are buried” in the security space. Mike published
“The Pragmatic CSO” in 2007 to introduce technically oriented security professionals to the nuances
of what is required to be a senior security professional.
Securosis Blog
Contributions from Mike Rothman, Contributor
- How to prevent audit-logging system from storing passwords?
- How to migrate from SAS 70 to ISO 27001
- COSO and COBIT: The value of compliance frameworks for
- Should PCI DSS auditors be subjective?
- Best practices for implementing a retention policy
- Should all members of a security staff be involved in the risk assessment process?
- Outbound content filtering requires products and proces
- What is the difference between a SAS 70 Level 1 and Level 2 audit?
- Strategies for landing a security management position
- Should ISO 17799 play a role in risk assessment?
- Understanding PCI DSS compensating controls
- Do personal issues within a company pose a risk to the enterprise?
- What is the best organizational model for an IT security staff?
- Reacting to a business partner's insider threat
- How can a CSO determine if a company has a data security problem?
- What are the pros and cons of using an email encryption gateway?
- Can watching online videos present enterprise security risks?
- What policies will prevent employees from leaking sensitive data?
- What are the best security practices to consider when developing a corporate blog?
- Preparing for virtualization security unknowns