HNS MAIN FEED
Tuesday, 18:12 EST
- OpenDNSSEC 1.0.0 released
- Microsoft releases giant patch collection
- 81% percent of e-mail links to malware
- Unaware of the dangers, most teens share personal info online
- Data harvested from Facebook used in boiler room scams
- A closer look at USB Secure 1.3.0
- Safety tips for online dating
- Researcher hacks security encryption chip found on millions of PCs
- Is authenticated XSS a problem?
- Online shopping safety: Consumers hold retailers responsible
- Seagate ships the Savvio 10K.4 hard drive
- Political hacktivism and the exploitation of tragedies is on the rise
Interview with Scott Barman, author of "Writing Information Security Policies"
Who is Scott Barman? Introduce yourself to our readers.
I am the author of "Writing Information Security Policies," a book about the basis of any information security program. I am currently an information security and systems architecture analyst for The MITRE Corporation working to help the United States Internal Revenue Service modernize their IT infrastructure.
I have been involved with systems architecture information security for more than 20 years, nurturing the evolution of systems and their security requirements for commercial organizations and government agencies. Since the explosion of the Internet, and prior to joining MITRE, my focus has been on various areas of security and policy development for many organizations in the Washington, D.C. area. I have a Bachelor of Science degree from the University of Georgia and a Master of Information Systems Management with a concentration in Information Security Management from Carnegie Mellon University.
How did you get interested in computer security?
After the Internet Worm in 1988, where Robert Morris Jr. unleashed a worm that affected Sun and Digital systems running sendmail, I found myself curious as to why something like that could happen. I then started to study the writings of those who figured out how and why it worked and it intrigued me further. The more I read, the more I became interested in various areas of security. It was after reading the paper from Dr. Robert Morris Sr about the insecurity if TCP/IP was when I decided to shift my career.
What operating system(s) do you use and why?
At work, I have a company issued laptop running Windows 2000 Professional. At home I have a Macintosh PowerBook G3 running Mac OS X. It is a great little machine. In fact, I am writing this now on the Mac. I bought this machine from my company's surplus auction to see if I would like it. I love it! Now I want the new 17-inch Titanium PowerBook. And the fact that it is UNIX under the hood helps--I am an unapologetic UNIX bigot!
I also have a Dell that runs Windows 2000 and SuSE Linux. I keep the Windows partition for some legacy applications.
How long did it take you to write "Writing Information Security Policies " and what was it like? Any major difficulties?
That is a harder question than it would appear. I started writing the book in the Summer of 2000 while finishing graduate school at Carnegie Mellon. My wife, Elisa, and I moved back to the Washington, DC area only to have disaster strike. In November, Elisa was diagnosed with cancer. She died the following April.
1 | 2 | 3 | Next page >>
- A closer look at USB Secure 1.3.0
- Is authenticated XSS a problem?
- A closer look at File Encryption XP 1.5
- Corporations should follow the goverment's lead on attribution of cyberattacks
- IDS legacy is institutionalized failure
