This page is part of a Security School lesson, featuring a selection of expert technical content on this topic. Explore more in this school:
5. - About the expert: Read more in this section
- Mike Rothman, Contributor
Explore other sections in this guide:
Mike Rothman is President and Principal Analyst of Securosis, an independent information security research firm. Having spent more than 15 years as an advocate for global enterprises and mid-sized businesses, Mike's role is to educate and stimulate thought-provoking discussion on how information security contributes to core business imperatives.
Prior to Securosis, Mike was the founder of boutique consultancy Security Incite, was the first network security analyst at META Group and held executive level positions with CipherTrust, TruSecure, and was a founder of SHYM Technology. Mike is a frequent contributor for TechTarget and a highly regarded speaker on information security topics. Keep track of Mike's musings via The Daily Incite newsletter.
Do you have a question for our experts?
Contributions from Mike Rothman, Contributor
- Getting your career in infrastructure security started
- What is the best way to comply with PCI DSS requirements 9 and 10?
- Will an off-site employee exit procedure violate HIPAA regulations?
- Why you shouldn't wager the house on risk management mo
- Is it a violation of HIPAA to collect consumer Social Security numbers?
- How can a corporation assess the costs of whole-disk encryption?
- Industry experience vs. security certification credentials
- PCI DSS emergency: What to do if you're (very) late to
- What are the security risks of a corporate divestiture?
- Who is responsible for handling security program development in an IT infrastructure?
- How to buy security products: Eight steps to not losing
- Protecting consumer data with a fraud and risk assessment policy
- What types of software can help a company perform a security risk assessment?
- How can I get my CISSP certification?
- Is encrypting cookies a PCI DSS requirement?
- What are the proper procedures for handling a potential insider threat?
- Can a vendor be convinced to add security to its application development process?
- Are senior level executives a target for social engineering attacks?
- PCI Pain: Is it time for an overhaul?
- Defining your security certification objective