Accessible information:
We are of the opinion that the more people know about information security the better information security will become. As security professionals we feel it is our duty to share our knowledge of the subject from which we make our living. As we gain new insights we will pass them along. We see no conflict between this and our goal of making a living. Of course, it is our hope that, if you find the information we provide here to be useful, you will then regard us in a positive light. Down the road, if you should ever need the services of an information security expert, then hopefully you will consider contacting us. And if we can't help you, we'll do our best to put you in touch with someone who can.
Stephen Cobb has written for, among others, Network World, BYTE, PC Magazine, ABA Banking Journal, Security Management Magazine, Information Security Magazine, Newsscan, HP Chronicle, Sun Server Magazine, Unisys World, Internet Security Advisor, Mobile Business Advisor, Business Security Advisor, Compliance Solutions Advisor, CyberDefense Magazine, Inside Direct Mail, EDI Journal, Target Marketing, What PC?
The articles:
Note that some of these articles are several years old, over ten years old in a few cases. There are several reasons for including these older articles here. First, many aspects of information security do not change much. A lot of the basic advice from ten years ago is still valid today. Second, it is important that the history of information security is not lost, or we may be condemned to repeat it. Indeed, examples of this abound. (The plague of Microsoft Word and Excel viruses that the world endured could have been avoided if Microsoft had taken the Lotus or WordPerfect approach to macros and put them in separate files.) The history of information security is littered with dark uses of bright ideas because the people who had the bright ideas did not do know enough about dark thinking. Here's hoping we can shed some light.
Compliance and Security: What you need to know about the 4 courts and downstream liability
Spam and Mobile Malicious Code: A Five Minute Talk by Stephen Cobb
The Fine Art of Privacy Policy: First appeared in Inside Direct Mail
Operators Wanted: Norwich University lecture on the difference between users and operators
Ebay Has Issues: First appeared in Network Security News for Network World
Have 802.11, Will Travel: The ethics of network detection: First appeared in Network Security News
A Prozac Moment in Privacy and Marketing: First appeared in Marketing Research Association Newsletter
Stephen Cobb & Chey Cobb on InfoSec: Newsscan weekly columns (2002-2003) and some slides
Crusts, Patches, and Soft Spots: Final lecture of the Master of Science in Information Assurance course
Norwich University, 2003, (Adobe Acrobat pdf)
Preventing VPN Problems from Derailing Mobile Workers
Guaranteed Genuine Users: with David Brussin, originally appeared in Security Advisor, Summer, 2000
The Billion Dollar Spam Threat: First appearted in Newsscan, Spring, 2003
The Silent Threat of Outbound Email: First published in Internet Security Advisor
Privacy Advisor--Preventing E-mail Privacy Snafus: Article
Privacy Knowledgebase--The Value of Privacy Training: Article
TRUSTE Newsletter, November 2002 The flip side of the wireless explosion: WAP-gap security risks
First published in Sun Server magazine, January, 2001
Data Storage Basics: What you don't know can hurt you: Article by Chey Cobb, CISSP
Privacy Versus Security: Article by Mike Cobb, MCDBA, CISSP Read online at Advisor.com
Layers, cycles & people: An approach to securing Windows: First published in Compaq Enterprise, 2000
Access control meets 'need-it-now' challenge: by Stephen Cobb & Bernie Cowens
First published in HP Chronicle November 2000
Firewalls 95: A Blast From the Past: First published in BYTE Magazine, October, 1995
InfoSec 96: A Blast From the Past: First published in February, 1996
Springing Into Action: Article by Stephen Cobb and Michael Miora, CISSP
First published in Information Security Magazine
The Mother of All Security Standards?First published in Internet Security Advisor
Making the Right Choice: Innovations in Internet Security
Paper for Internet Banking Technologies conference, London, 1999
Virus and Anti-Virus: First Published in Information Security News
What Does CISSP Mean?: Exclusive to the web
Denial of Service: What Does It Mean? Article with Chey Cobb first appeared in Infosecurity News
Today's Security Drivers: Written late 1999, published in early 2000
Notebook Security: Light Weights Can Equal Heavy Losses: Originally published in HP Chronicle, 2000
Web Site Security & Certification: Originally published 1996
Building Trust and Security for Commerce on the Web: Originally published in the EDI Journal, 1996
Time to stop spam: Security Strategies Newsletter, Network World, 08/19/03
Not the last word:
As we have said, the history of information security is littered with dark uses of bright ideas because the people who had the bright ideas did not do know enough about dark thinking. And some of the old ideas cooling their heels in the forgotten past of computer security are bound to be reborn as hot new products when the times is right. We will be adding more old articles as time permits and more new articles as they are written.
Stephen Cobb