|
|
 |
 |
 |
 |
|
|
On this page you will find links to computer security articles by Stephen and Chey Cobb, and friends. There are also reading suggestions covering many aspects of computer security and data protection.
New Links
* Stephen's "Dataflation" Slides from Interop Moscow, 2006
This Microsoft Powerpoint PPS file is about 300K.
* Economics and Security Resource Page
Maintained by Ross Anderson, Prof. of Security Engineering at Cambridge University. We think applying economics to security could lead to important security improvements.
New! Podcasts
| Check out our free podcasts on security and privacy. More will be added as they become available. To subscribe via RSS, iTunes, etc. click here. |
Other Help Sections
* Secure Broadband for Business
Travelers
* Government Help with Information Security
* 2005: The Year of Dataflation
* When Things Go Wrong: Incident Management Made Easier
* Florida's Identity Theft Kit
* Computer Users or Computer Operators?
Background: Vast amounts of information about people are now stored on personal, company, and government computers. That information is at risk, ranging from inadvertent and embarrassing exposure to intentional and harmful misuse. These days, every responsible member of society should understand the basics of computer security; those who handle personal information in their jobs should know how to protect it. To this end we provide the security learning resources on this site free of charge.
We believe that a person who uses a computer is a computer operator, not a computer user, just as someone who drives a car is a driver, not a passenger. Computer operators should know how to implement computer security, to protect themselves, their families, and their employers.
Furthermore, the millions of personal computers that now are connected to the Internet with "always-on" broadband connections pose a very real threat to the critical infrastructure of any computer-dependent country, unless they are properly protected by responsible operators. Therefore, we believe that every person who 'uses' a computer has a duty, to their country and to their fellow citizens, to protect from abuse the computers they use.
Resources
Free Computer Security Articles: On viruses, CISSPs, cookies, denial of service, disaster recovery, penetration testing, etc. Includes link to weekly NewsScan columns.
Cobbs' Comments on HIPAA Security Rule: On Stephen's Privacy for Business web site (Acrobat pdf file).
Computer Security Books: Some suggested reading.
Glossary of Computer Security Terms: Helpful if you are looking for a quick explanation of a term or phrase used in discussion of computer security issues.
Back to Top ][ Need Security Advice?
Although some of these articles date back several years, much of the advice they provide is still valuable. In some cases, the age of the article itself is significant, showing when red flags were first raised and providing proof that many of today's problems have been with us for some time.
Secure Broadband for Conferences and Business Travelers: An article by Chey Cobb, Newsscan 2004
Spam and Mobile Malicious Code: A Five Minute Talk by Stephen Cobb, Exclusive to the Web site
A Prozac Moment in Privacy and Marketing: Article, Stephen Cobb, CISSP, first appeared in the Marketing Research Association Newsletter (Adobe Acrobat pdf file)
Stephen and Chey on InfoSec: Newsscan and IAPO: Links to weekly columns (2002-2003) and slides
The Silent Threat of Outbound Email: by Stephen Cobb, CISSP, First published in Internet Security Advisor
Privacy Advisor - Preventing E-mail Privacy Snafus
Author: Stephen Cobb, CISSP
Privacy KnowledgebaseThe Value of Privacy Training
Author: Stephen Cobb, CISSP
TRUSTE Newsletter, November 2002 The flip side of the wireless explosion: Dealing with WAP-gap security risks
Author: Stephen Cobb, CISSP First published in Sun Server magazine, January, 2001
Data Storage Basics: What you don't know can hurt you
Author: Chey Cobb, CISSP Web site exclusive!
Privacy Versus Security
Author: Mike Cobb, MCDBA, CISSP Read online at Advisor.com
Layers, cycles and people: An approach to securing Windows
Author: Stephen Cobb, CISSP First published in Compaq Enterprise, July, 2000, Describe's David Brussin's 3-later analysis.
Access control meets 'need-it-now' challenge
Authors: Stephen Cobb, CISSP, Bernie Cowens, First published in HP Chronicle November 2000
Firewalls 95: A Blast From the Past
Author: Stephen Cobb, CISSP, First published in BYTE Magazine, October, 1995
InfoSec 96: A Blast From the Past,
Author: Stephen Cobb, CISSP, First published in February, 1996
Springing Into Action,
Author: Stephen Cobb, CISSP, Michael Miora, CISSP
First published in Information Security Magazine
The Mother of All Security Standards?,
Author: Stephen Cobb, CISSP
First published in Internet Security Advisor
Making the Right Choice: Innovations in Internet Security,
Author: Stephen Cobb, CISSP
Paper for Internet Banking Technologies conference, London, 1999
Virus and Anti-Virus,
Author: Stephen Cobb, CISSP, First Published in Information Security News
What Does CISSP Mean?,
Author: Stephen Cobb, CISSP, Exclusive to web site
Denial of Service: What Does It Mean?
Author: Chey Cobb, CISSP & Stephen Cobb, CISSP
Published in Infosecurity News
Today's Security Drivers
Author: Stephen Cobb, CISSP
Published in early 2000, pointing to the role of privacy
Professional Penetration Testing For Better Security
Author: David I. Brussin, CISSP, MCP Exclusive to the Web
How To Maximize NT Security
Authors: David I. Brussin, CISSP, Stephen Cobb, CISSP
Exclusive to the Web
Notebook Security: Light Weights Can Equal Heavy Losses
Author: Stephen Cobb, CISSP
Originally published in HP Chronicle, 2000
Web Site Security & Certification 1996
Author: Stephen Cobb, CISSP Originally published 1996
NT Security -- By the Book
Author: Stephen Cobb, CISSP
Originally published 1997, updated 2000
Building Trust and Security for Commerce on the Web
Author: Stephen Cobb, CISSP
Originally published in the EDI Journal, 1996
Myths and Magic: Stealth Attacks on the Internet
Author: Michael Miora, CISSP Published in Carolina Computer News, September 1997
Locking Your Cookies in the Oven
Author: Michael Miora, CISSP Published in Carolina Computer News, August 1997
Private Email On The Internet
Author: Michael Miora, CISSP Published in Carolina Computer News, July 1997
An ISP Attacks Its Users
Author: Michael Miora, CISSP Published in Carolina Computer News, June 1997
Protecting the Enterprise: Systems in Reserve
Author: Michael Miora, CISSP Published in Carolina Computer News, May 1997
Seven Steps to Safety
Author: Michael Miora, CISSP Published in Carolina Computer News, April 1997
Satan's Survey
Author: Michael Miora, CISSP Published in Carolina Computer News, March 1997
Security Awareness is Rising while Security Protections are Falling
Author: Michael Miora, CISSP
Published in Carolina Computer News, January 1997
Stop Signs, Barricades and Firewalls: Protecting your Systems on the Internet
Author: Michael Miora, CISSP
Published in Carolina Computer News, December 1996
Disaster Recovery And The Information Superage
Author: Michael Miora, CISSP Published in Carolina Computer News, November 1996
Surfing the Net and Other Dangerous Computer Tricks
Author: Michael Miora, CISSP Published in Carolina Computer News, October 1996
Quantifying the Business Impact Analysis: A New Paradigm
Author: Michael Miora, CISSP Published in Carolina Computer News, September 1996
The CIO's Role in Preparing for Disaster Recovery
Author: Michael Miora, CISSP Published in EDI World, 1995
A Network in the Ether: Wireless Communication Enhances Disaster Recovery
Author: Michael Miora, CISSP
Published by Disaster Recovery Journal (DRJ), 1994
Disaster Recovery: The First Three Days
Author: Michael Miora, CISSP Originally published in the Association of Contingency Planners (ACP) Newsletter, 1994. Reprinted in various journals and magazines.
Disaster Recovery: Can Palmtop Computers Protect Your Business?
Author: Michael Miora, CISSP Published in PEN Magazine, 1994
Back to Top ][ Need Security Advice?
Computer Security Handbook, Fourth Edition: Edited by Sy Bosworth and Mich Kabay. Contains chapters by Chey Cobb, Stephen Cobb, Michael Miora, David Brussin. "A "must have" for InfoSec newbies and professionals."
Microsoft IIS Security: Co-authored by Mike Cobb, CISSP, MCDBA. Very readable guide to protecting web sites built with IIS.
Network Security for Dummies: bBy Chey Cobb, CISSP. What you need to know to protect your home, office, or enterprise network, presented in an accessible format.
Data Protection Reading List: Placed on Amazon by Stephen Cobb, CISSP, author and ePrivacy Group's Senior VP of Research & Education.
Internet Privacy for Dummies: Co-authored by Ray Everett-Church, CPO for ePrivacy Group, this book maps out the issues for those concerned about privacy on the Internet.
Database Nation, Simson Garfinkel: Co-authored by Simson Garfinkel, Senior Strategist and Advisor for ePrivacy Group, this is the best place to start if you are interested in privacy in the 21st century. Includes a detailed examination of current database practices and their relationship to privacy.
CPO Reading List: Provided on Amazon.com by Ray Everett-Church, recommends 18 titles for those who need to know about privacy.
