Cobb Associates: About

Site top menu:

Home | Articles | Blogs | News | | Slides | | Press | | About |

This page describes what Cobb Associates does and how you can get in touch with us.

Several sample projects are briefly described to give you an idea of the scope of the activities that we are capable of taking on for our clients.

You will also find notes about the web site design, which is based on a Open Source W3C validated XHTML template.

Where's the product?

We do not list products or services for sale on our site because every client has different needs. However, through us you can access all kinds of information security and business privacy consulting.

If you approach us with something that is outside of our focus, resources, or abilities, we will be the first to tell you, and the first to help you find top flight professionals who can meet your needs. Here are the areas in which we specialize and excel:

• Risk assessment, analysis of emerging threats.
• Enterprise security and privacy strategy.
• Information security and data privacy training.
• Awareness programs, on-line and in-person.
• Security product positioning and market growth through evangelism.
• Business continuity, enterprise resiliency, and incident management.
• Advice to security, privacy, and technology startups.

Sample Projects

Here are some examples of work we have done in the past:

• Performed detailed logical and physical security assessment of a multi-million dollar welfare applicant processing and fraud detection system for one of the largest welfare agencies in the United States (New York City). Evaluated proposed biometric authentication systems for system access and applicant verification. Reviewed proposed workplace and workstation access controls.

• Performed a risk assessment of major pharmaceutical company's plans to use Internet technology to communicate with doctors and patients including online prescription refills. Proved to client that costs of inadvertent exposure of personally identifiable medical information could not be hedged and system must be designed accordingly.
  
• Assessed user enrollment and authentication procedures for one of the world's largest stockbrokers (9,000 offices worldwide). Covered all aspects from assigning laptops to new employees to processes and procedures for granting and revoking permissions at multiple levels across diverse UNIX systems, Windows NT workstations, satellite links, and IBM mainframes. Provided cost-benefit analysis of single sign-on versus security staff increases.

• Created one year worth of quarterly information security awareness briefings (in-person) and materials (print and online) for all employees of the company responsible for the New York Stock Exchange computer system. Prepped security department employees for the CISSP exam.

• Analyzed cause of a widely-publicized medical privacy breach with respect to standards of due care, leading to a landmark federal government settlement which set precedents and penalties later applied to such companies as Microsoft and Guess.

• Created privacy awareness and regulatory compliance classes for one of the world's largest pharmaceutical companies. Delivered three on-site briefings in three different cities in four days to ensure all necessary staff got the same training in time for regulatory compliance.

• Created intermediate privacy and security training program for one of the world's largest Internet service providers. The program employed self-paced, interactive, online learning methods. Course completion was then required of all employees (Microsoft MSN).

• Created basic privacy and security training program for one of the world's largest mobile phone companies. Program employed self-paced, interactive, online learning methods. Course completion was required of all 14,000 employees.

Cobb associates have been engaged by organizations such as AT&T Wireless, Sprint, Microsoft MSN, New York City, Edward Jones, Securities Industry Automation Corporation, IBM, ICSA Labs, Hoover, Conoco, Lawrence Livermore National Laboratory, VNU Business Publications, Avery Dennison, Merck Medco, the National Reconnaissance Office, and the Federal Trade Commission.

Where are you?

Only an email away. Please use the following email address to reach us: sc at cobbassociates dot com. We have not included an email link or a properly formatted email address because it will only end up getting spammed (as you may have noticed, Bill Gates' promise that spam would be over by 2006 did not pan out). We hope to have a toll free number soon and when we do it will be placed here. We also accept faxes on +1 775 256 9558.

In terms of physical location we can be just about anywhere in 24 hours, traveling from our locations in either Florida or New York. Or, as one of our colleagues famously quipped when asked where he lived: "The Delta Crown Room."

About this site:

From 1996 to 2006, the home of Cobb Associates on the web was at cobb.com. In 2006 we began to feel the need to give Cobb Associates a more distinct identity and a fuller range of content with better navigation. Hence we created the cobbassociates.com domain and this site.

The underlying site layout and design is an open source template from the talented Andreas Viklund. The template is pure CSS validated as XHTML Strict. We downloaded it from Open source Web Design. We have customized the basic template in a couple of ways, notably a 'bottom of page' menu. This is a feature we find useful for site navigation. Of course, if any of the pages on this site no longer validate as strict XHTML then the fault is entirely ours.

One feature of this particular Andreas Viklund template that we liked was the small inter-site navigation tabs at the very top of the page which allow users to flip between a number of different web sites in which we have an interest. These are currently privacyforbusiness.com, scobbs.blogspot.com, the original cobb.com, and Stephen's personal pages at cobb.com.

Images and ideas:

The overall look of the site was embellished with our own choice of graphics. The main header image is a composite of a circuit board, a key, and a photograph of the ceiling at Sheremetyevo airport. The key image, stylized with binary code, is a fully licensed stock art file (Ablestock). We liked the look of this image for several reasons. The blade of the key roughly forms the letter S and the shape of the bow suggests the symbol for infinity. The circuitry image is a photograph of the controller board inside a dead hard drive.

The airport image was chosen for two reasons. We felt it looked like oil cans, giving a physical flavor to complement the logical imagery of binary numbers (hinting at the convergence of physical and logical security with echoes of global security and its dependence on petroleum). The other reason is that the image looked like a series of tubes and as we all know, that is what the Internet is made of (at least according to the Chairman of the United States Senate Committee on Commerce, Science and Transportation).

 

Stephen Cobb

...is available for consultation and speaking engagements.

Profile | Publications |

Sites of Note:

Cobweb Applications UK Secure Design, Security Training, and Business Continuity Planning | ContingenZ Corporation Information assurance and Business Continuity | | David Brussin's What Comes Next | Winn Schwartau's InfoWarCon 2007 | Winn Schwartau's Security Awareness Co |

Consider this:

To authenticate employee enrollment in online training at a major phone company we required employees to enter their company email address. That's how we, and the client, discovered that almost half of all employees did not know their company email address.

Why? Because they were issued computers with an email account already created for them in Microsoft Outlook, which does not reveal, in normal use, the sender's email address.

Teaching employees their email address was added to the project scope, goals, and achievements, free of charge.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Did you know?

"...the Internet is not something you just dump something on. It's not a big truck. It's a series of tubes. And if you don't understand those tubes can be filled and if they are filled, when you put your message in, it gets in line and it's going to be delayed by anyone that puts into that tube enormous amounts of material..."

-- US Senator Ted Stevens

 

Site menu:

Home | Articles | Blogs | News | | Slides | | Press | | About |

Copyright © 2007, Cobb Associates. All rights reserved. Open Source Web Design by Andreas Viklund.