About Stephen Cobb, CISSP

Stephen Cobb
is an internationally renowned thought leader and entrepreneur in security and data privacy, involved with computer audit and information assurance for nearly a quarter of a century. Focused on maximizing the benefits of information technology to businesses, governments and communities through the reduction of IT-related fraud and risk, Stephen has been an active participant in a series of successful security startups, most recently funding the ground-breaking TurnTide anti-spam technology for which Symantec paid $28 million in July, 2004. In May of 2004, Stephen Cobb was appointed Chief Security Executive of STSN, the leading provider of wired and wireless broadband to hotels and conferences.

About the Internet, the Web, and PC Security

The World Wide Web barely existed when I started work on Stephen Cobb's Complete Guide to PC & LAN Security in 1989 (okay, so Tim Berners- Lee proposed the original project in March of 1989, at the European Particle Physics Laboratory, a.k.a. CERN, but I was living in San Francisco then, and the first browsers only went live at the end of 1990, at which point I had moved my family to Scotland, where connectivity meant 900 baud BBS dial-up if the sheep had not chewed through the phone line). However, some of the issues addressed in that book are as important today as they were then, largely due to the Web and the Internet. That is why I wrote the second edition, which is known as The Cobb/NCSA Guide to PC & LAN Security (both editions are published by McGraw- Hill)."

The fact is, the security of desktop computers was largely ignored back in 1989, just as companies were starting to use them to create local area networks (LANs). When my book came out in 1991 it was one of the first to address computer security from a desktop, rather than systems, perspective. Looking at things from a desktop angle revealed that LANs could be a big problem since they were built out of leaky boxes (PCs) that were never designed to be secure. But within a few years these LANs were being connected into WANs (Wide Area Networks), even before the security problems posed by LANs had been solved. Much of this can be explained by two factors, cost and marketing. LANs were seen as cheaper than traditional computing architectures and vendors were pushing them with great gusto. So LANs turned into WANs and suddenly everyone was talking "client/server" and going "mission critical" over inherently insecure hardware and software, with scarcely any thought for comprehensive enterprise-wide security mechanisms.

Then came the Internet, the GAN, the Global Area Network. And fortunately, it already had a reputation as an insecure environment. So anyone planning to connect to the Internet was bound to ask a few questions, like "Is it safe?" And when they went looking for answers they found that there was no point searching for safety out there on the Internet if you didn't have security nailed down in-house, back at the desktop, which is what The Cobb/NCSA Guide to PC & LAN Security is all about. So, in my humble opinion, before you start worrying about IP spoofing and other exotic threats to your computerized data, it makes sense to make sure that you have learned all of the lessons about basic desktop security.

[Click Here for Chapter 1]

[Click Here for PC LAN Security Home Page]
actually Tru-Secure, which is
what ICSA.net became
after it evolved out of
NCSA

This page updated November, 2001 by Stephen Cobb © Copyright, 1996-2001-2001, Stephen Cobb

This page updated November, 2001 by Stephen Cobb
© Copyright, 1996-2001-2001, Stephen Cobb