Information Security

Defending the digital infrastructure


Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Editor’s desk: A chat with Peter G. Neumann

Peter G. Neumann shares his thoughts on the inherent complexity of trustworthiness and the evolutionary promise of clean-slate architectures.

We are honored this month to feature a Q&A with security pioneer Peter G. Neumann, who has logged more than 40 years at non-profit SRI International’s Computer Laboratory in Palo Alto, Calif., researching computer security platforms and trustworthy systems. Neumann is interviewed by fellow security system design expert and ISM columnist, Marcus Ranum, who shares similar views on the need for clean-slate architectures and a do-over on security to prevent unreliable systems and short-term solutions to far-sighted security problems.

After 60 years in the industry, Neumann is still at it; working on clean-slate architectures with Robert N. Watson of Cambridge University’s Computer Laboratory, who developed Capsicum (POSIX API), which supports “object-like” security on Unix-like operating systems.

Incremental adoption by developers is the way forward, Neumann told Ranum. “Capsicum and our current workshow that clean-slate architectures need not throw away everything and start from scratch, but rather that there are some evolutionary paths, if we can constructively build bottom-up from better hardware architectures.”

Another area that could use re-architecting is how organizations approach a tangled web of compliance and risk management issues.  If you secretly groan at the slightest rumblings of new security regulations, VerSprite managing partner Tony UcedaVelez outlines an integration strategy in this month’s cover story, designed to reset the thinking around compliance and risk management, and hopefully ease some of the financial strain.

It starts with re-architecting how and when compliance efforts get achieved, he explains. Addressing compliance, security and business objectives from the ground up and establishing new workflows—and checkpoints—can be attained through risk-centric modeling frameworks, such as the Process for Attack Simulation and Threat Analysis (PASTA).

“Stage 1 of PASTA provides an opportune time for CISOs, business managers  and compliance analysts, among others, to truly understand how regulatory requirements in NERC CIP, PCI-DSS or HIPAA HiTECH impact proposed changes for the business in terms of services or product deliveries,” he writes.

In addition to compliance, most companies have to address the Apple security question now at the center of mobile device management. Karen Scarfone, a frequent contributor to and principal consultant for Scarfone Cybersecurity, tackles the hotly debated topic of Apple security in this issue. Despite the low incidence of reported malware—make that zero for iOS outside of jailbroken phones—the company continues to face scrutiny, fueled by a series of high profile security blunders.

While Apple may not be a decade into a Trustworthy Computing initiative, which offers assurances at some level to Microsoft’s enterprise base; the Cupertino-based company continues its Steve Jobs fueled juggernaut among an enthusiastic base that largely deems its products safe.

“Organizations should use later models of hardware to take advantage of the latest operating system versions and their corresponding security features,” advises Scarfone. “Newer iPhones strongly encrypt all stored data and use a hardware encryption key that is deleted when the phone is wiped, making it, essentially, impossible to recover the stored data.”

Despite the ongoing debate about Microsoft, Apple and other competitors’ tireless efforts to address vulnerabilities in their respective platforms before exploits infect users systems, an overwhelming number of today’s security problems are platform irrelevant,” notes Scarfone.

Finally, for those anticipating Verizon’s 2013 Data Breach Investigations Report, released in April, Ernie N. Hayden, the managing principal of Critical Infrastructure Protection and Cyber Security on Verizon’s RISK Team, discusses the “assumption of breach,” in his article on data breaches and the inevitable consequences. Security professionals and their bosses need to accept that they cannot protect all data, according to Hayden.

“CISOs should educate the executive team and board of directors on this philosophy and encourage their support for security actions necessary to protect the company’s key data,” he writes.

About the author: 
Kathleen Richards is the features editor at
Information Security magazine. Contact her at Send comments on this column to

Article 1 of 6
This was last published in May 2013

Dig Deeper on Secure software development

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

Get More Information Security

Access to all of our back issues View All