This page is part of a Security School lesson, featuring a selection of expert technical content on this topic. Explore more in this school:
5. - About the expert: Read more in this section
- Mike Rothman, Contributor
Explore other sections in this guide:
Mike Rothman is President and Principal Analyst of Securosis, an independent information security research firm. Having spent more than 15 years as an advocate for global enterprises and mid-sized businesses, Mike's role is to educate and stimulate thought-provoking discussion on how information security contributes to core business imperatives.
Prior to Securosis, Mike was the founder of boutique consultancy Security Incite, was the first network security analyst at META Group and held executive level positions with CipherTrust, TruSecure, and was a founder of SHYM Technology. Mike is a frequent contributor for TechTarget and a highly regarded speaker on information security topics. Keep track of Mike's musings via The Daily Incite newsletter.
Do you have a question for our experts?
Contributions from Mike Rothman, Contributor
- How to migrate from SAS 70 to ISO 27001
- How to prevent audit-logging system from storing passwords?
- COSO and COBIT: The value of compliance frameworks for
- Should PCI DSS auditors be subjective?
- Should all members of a security staff be involved in the risk assessment process?
- Outbound content filtering requires products and proces
- Best practices for implementing a retention policy
- What is the difference between a SAS 70 Level 1 and Level 2 audit?
- Strategies for landing a security management position
- Should ISO 17799 play a role in risk assessment?
- Understanding PCI DSS compensating controls
- Do personal issues within a company pose a risk to the enterprise?
- What is the best organizational model for an IT security staff?
- Reacting to a business partner's insider threat
- What are the pros and cons of using an email encryption gateway?
- How can a CSO determine if a company has a data security problem?
- Can watching online videos present enterprise security risks?
- What are the best security practices to consider when developing a corporate blog?
- What policies will prevent employees from leaking sensitive data?
- Preparing for virtualization security unknowns