This page is part of a Security School lesson, featuring a selection of expert technical content on this topic. Explore more in this school:
5. - About the expert: Read more in this section
- Mike Rothman, Contributor
Explore other sections in this guide:
Mike Rothman is President and Principal Analyst of Securosis, an independent information security research firm. Having spent more than 15 years as an advocate for global enterprises and mid-sized businesses, Mike's role is to educate and stimulate thought-provoking discussion on how information security contributes to core business imperatives.
Prior to Securosis, Mike was the founder of boutique consultancy Security Incite, was the first network security analyst at META Group and held executive level positions with CipherTrust, TruSecure, and was a founder of SHYM Technology. Mike is a frequent contributor for TechTarget and a highly regarded speaker on information security topics. Keep track of Mike's musings via The Daily Incite newsletter.
Do you have a question for our experts?
Contributions from Mike Rothman, Contributor
- Getting your career in infrastructure security started
- What is the best way to comply with PCI DSS requirements 9 and 10?
- Will an off-site employee exit procedure violate HIPAA regulations?
- Why you shouldn't wager the house on risk management mo
- How can a corporation assess the costs of whole-disk encryption?
- Is it a violation of HIPAA to collect consumer Social Security numbers?
- What are the security risks of a corporate divestiture?
- PCI DSS emergency: What to do if you're (very) late to
- Who is responsible for handling security program development in an IT infrastructure?
- Industry experience vs. security certification credentials
- How to buy security products: Eight steps to not losing
- What types of software can help a company perform a security risk assessment?
- How can I get my CISSP certification?
- Protecting consumer data with a fraud and risk assessment policy
- Is encrypting cookies a PCI DSS requirement?
- Can a vendor be convinced to add security to its application development process?
- What are the proper procedures for handling a potential insider threat?
- Are senior level executives a target for social engineering attacks?
- PCI Pain: Is it time for an overhaul?
- How to prevent audit-logging system from storing passwords?