Security Experts:

Oliver Rochford

Oliver-Christopher Rochford is a writer and Security Consultant from Germany, currently working for HP Enterprise Security Services, with over a decade of Information Security experience garnered from companies as diverse as Integralis, Qualys, Secunia and Verizon Business. Alongside other articles and interviews on Information Security and Cyberterrorism, he also wrote the German and Dutch 1st and 2nd editions of “Hacking for Dummies”. His primary interests are cybercrime, cyberwar, cyberpunk and the study of history, chaos and emergent self-organising systems.

Recent articles by Oliver Rochford

  • Management and business leaders will have to take note quickly, and learn to recognize information security risks as real risks to the success of their business.
  • The term "technical debt" was coined by Ward Cunningham to describe the effect of skimping during the design and implementation phase of software. So how did the technical debt bubble affect information security?
  • To a security guru, GRC feels like a waste of time. It will provide artificial challenges that make a difficult task even harder, with very little gain or advantage in return other than a report containing lists of items with a marked checkbox.
  • In addition to being a renowned theoretical physicist, Einstein was also a wizard at writing security procedures and processes. Here is a short selection of quotes from Albert Einstein, and why they are worthwhile when thinking about security.
  • Chainmail is composed of several layers of steel-ring cloth, interlocked not just in the width and length, but also through several layers in depth. That is where chainmail derives its strength, and so should any well-designed defensive security strategy.
  • Have you heard? All of our security problems will be solved. How? Each and every citizen will be issued with a unique, secure online identity, so that the originator of any and all transactions, connections and requests can be readily and easily identified. Really?
  • Most businesses do not appear to have anything even remotely resembling a real security strategy. In the case of Information Security, you must first define your goals. These goals have to be realistic and in line with the resources at your disposal.
  • Not so long ago, the problem that most security professionals had was a lack of information. Now, many of us have more information than you can throw SQL queries at. So how do you find a needle in a haystack?
  • We have an entire commercial class of security professional, but very few hackers. Where are our cyberwarriors? Where will they be when we really need them? With us, or against us?
  • A recent survey from Cisco implies that Generation Y is in some way less security savvy, or at least, less security responsible, than their older contemporaries. This is of course a huge oversimplification.
  • A bunch of technically unskilled attackers managed to circumvent the national security precautions of the United Kingdom by exploiting an unsecured 3rd party. How vulnerable is your organization to these types of attacks?
  • In the wrong hands, Security Solutions can turn into weapons or tools of slavery and oppression. The people usually involved in deciding in whose hands these tools end up are sadly often torn between conflicting interests, like sales targets.
  • Mobile devices share the same basic components as a PC, but that is truly where the similarities end. The differences are far more important than the shared points, and will scupper most traditional security approaches, which all hinge on one really simple idea.