How Sarbanes-Oxley changed the information security profession


This article can also be found in the Premium Editorial Download "Information Security magazine: Reflections on the impact of Sarbanes-Oxley."



8 More Security Stars

MARCUS RANUM Marcus Ranum has probably forgotten more about firewalls and network security than most have learned. Author of what is considered the first commercialized proxy firewall, the DEC SEAL in 1991, Ranum is an authority on UNIX networking and security. A decade ago, he co-founded Trusted Information Systems, which developed the TIS Gauntlet firewall and TIS Internet Firewall Toolkit, and hosted the first whitehouse.gov server. Ranum founded one of the first intrusion detection companies, Network Flight Recorder, in 1997. He is a frequent speaker at conferences, a USENIX and SANS instructor, and a contributor to Information Security. He is the chief of security for Tenable Network Security, home of the Nessus network scanner. At Tenable, Ranum is responsible for research in open source logging tools and for product training.


DAN GEER Dan Geer is praised as a pioneer in information security and a visionary when it comes to illuminating the need to tackle security as a risk management exercise. Notoriety came his way in 2003 when a report he co-authored, "CyberInsecurity: The Cost of Monopoly," argued against a software monoculture and contended that the ubiquity of Windows was a threat to national security. The paper, released by the Computer & Communications Industry Association, cost Geer his position as CTO of @stake. But he resurfaced as VP and chief scientist at Verdasys, and he continues to be a prolific speaker at conferences and in testimony before lawmakers.


MARTY ROESCH Marty Roesch's pet project, the one conceived in the basement in his spare time, turned out OK. The open source Snort IDS, born in 1998, has become a juggernaut with more than 3 million downloads and is part of countless network security installations from small enterprises to giant defense systems. It was eventually commercialized when Roesch founded Sourcefire in 2001. Check Point Software Technologies tried to acquire Sourcefire last year, but the U.S. government squashed the deal over reported national security concerns. This year Sourcefire went public, one of the few security IPOs of the last five years.


DOROTHY DENNING Dorothy Denning is a cryptography and network security pioneer, a prolific writer and an educator. Currently Denning is a professor of defense analysis at the Naval Postgraduate School in Monterey, Calif. Her seminal 1998 book Information Warfare and Security was a vehicle for her research and opinions on terrorism and cyberwarfare. Denning was named a Time magazine innovator in 2001. She's probably best known for her groundbreaking 1987 paper "An Intrusion Detection Model" and for her support of the Clipper Chip in the early 1990s. During her time at SRI International, she and Peter Neumann worked on SeaView, a project to develop a model for a multilevel secure database system.


This was first published in January 2008
