Isacaroma Newsletter - English

Application security: Interview with Shreeraj Shah

Fri, 10 Nov 2006 10:26:45 +0100

061110-shreeraj (Qui la version italiana)
IsacaRoma: Good morning Mr. Shreeraj. Could you present yourself and the "Net Square"?

Shreeraj Shah: My self is Shreeraj Shah, I am founder and director of Net Square. I am leading consulting, training and R&D activities at Net Square.

ENISA: intervista a Jani Arnell sui "rischi emergenti"

Wed, 25 Oct 2006 07:00:12 +0200

061025-enisa-arnell-it IsacaRoma (IR): Grazie per la collaborazione Mr. Arnell. Lei è un esperto di Risk Management di ENISA ed ha partecipato al workshop sul RMA di Roma dello scorso 13 ottobre 2006 con una relazione dal titolo “Study on Emerging Risks” (pdf, K). Può sintetizzarcene il contenuto?

ENISA: Interview with Dr Louis Marinos, Senior Expert on Risk Management

Fri, 20 Oct 2006 13:11:38 +0200

061020-enisa-marinos Louis Marinos is coordinator of Ad-hoc Working Group on Risk Assessment and Risk Management of ENISA

IsacaRoma (IR): Thanks for your collaboration Dr Marinos. Recently ENISA announced its first deliverable in the area of Risk Management: Inventory of Risk Management/Risk Assessment Methods and Tools. Can you present it?

Interview with Lily Bi on GTAG project

Mon, 28 Aug 2006 10:15:43 +0200

060828-GB-LBI (versione italiana)
IsacaRoma: Thanks for your collaboration Ms Bi. You are “Technology Practices Manager” at The Institute of Internal Auditors (The IIA). Could you explain to us you role and responsibility? How are you involved in GTAG project?

The future of COBIT

Fri, 07 Jul 2006 12:31:20 +0200

060707-VanGrembergen Interview with Wim Van Grembergen, professor at the Economics and Management Faculty of the University of Antwerp (Belgium), member of the Academic Relations Committee of ISACA, engaged in the continuous development of the COBIT framework.

Ross Anderson on WEIS 2006, the fifth Workshop on the Economics of Information Security (WEIS 2006)

Mon, 12 Jun 2006 06:45:20 +0200

06-Weis2006RA-GB (Italian version)
IsacaRoma: Hello, Professor Anderson and thanks for speaking to us. Could you tell us about the Fifth Workshop on the Economics of Information Security (WEIS 2006) ?

Ross Anderson: The Workshop on Economics and Information Security is main annual event for people interested in the interaction between economics and security. It is being held in Cambridge, England, from June 26-28. The economics of security is a hot and rapidly growing field of research. More and more people are coming to realise that security failures are often due to perverse incentives rather than to the lack of suitable technical protection mechanisms. (Indeed, the former often explain the latter.) Often the people who are in a position to defend a system don't suffer the costs of failure, so they become lazy and careless. While much recent research has been on “cyberspace” secury issues - from hacking through fraud to copyright policy - it is expanding to throw light on “everyday” security issues at one end (such as whether we spend too much or too little on police and on insurance) and to provide new insights and new problems for theoretical computer scientists and “normal” economists at the other. In the commercial world, as in the world of diplomacy, there can be complex linkages between security arguments and economic ends.

Interview with Ross Anderson

Wed, 02 Nov 2005 15:52:40 +0100

0511-RossAndersonBy Agatino Grillo
(Italian version)

IsacaRoma: You are Professor of “Security Engineering” at the Computer Laboratory http://www.cl.cam.ac.uk/ of University of Cambridge. Could you present yourself and the "Computer Laboratory"?

Bruce Schneier: Questions & Answers

Fri, 28 Oct 2005 16:43:47 +0200

0510-Schenier-GB Interview with the internationally renowned security technologist, founder and CTO of Counterpane, editor of Crypto-Gram newsletter and author of “Applied cryptography” and other books.
By Agatino Grillo
(Italian version)

A conversation with Simon Singh

Fri, 28 Oct 2005 10:35:04 +0200

0510-singhGBInterview with the author of “The Code Book” and other scientific books.
by Agatino Grillo.
(Italian version)

IsacaRoma: What's about you? Actually you are an author, journalist and TV producer, specialising in science and mathematics. Any other? What is you cultural background? How did you arrive to science and mathematics?

ISACAROMA Newsletter International Issue

Mon, 10 Jan 2005 15:51:35 +0100

0412-cilli Dear friends,
this is a special issue of our newsletter: we have decided to print the English version of some of the most significant articles published during the last year, in order to facilitate an international divulgation.

The reprinted articles are:

Special column on professional certifications which compare “our” CISA and CISM with CISSP, CIA, OPSA, CompTIA Security+, GCFW (July and August);
Information Security Governance: a call to action (August);
Interview to Allan Boardman, President of London ISACA Chapter (July);
Special section on University and Security: interview to Stefano Zanero and Dario Forte (October)
Special column on ICT Security: interview to Mr. Pirotti Executive Director of ENISA (October) and Mr.Carducci (September).

Interview to Mr Andrea Pirotti, Executive Director of ENISA

Thu, 06 Jan 2005 15:18:25 +0100

0412-gb-pirotti On 6th October, Andrea Pirotti was questioned, evaluated and then confirmed by the European Parliament as Executive Director of Enisa, the European Network and Information Security Agency. He is currently the only Italian Director out of the sixteen European agencies

Thank you, Mr Pirotti for allowing us to interview you. First of all, could you tell us what Enisa is?

Interviewing Giulio Carducci

Tue, 04 Jan 2005 14:50:04 +0100

0412-carducci Giulio, what’s your opinion about the Italian ICT security market?

The ICT Italian market reflects the overhaul weakness of the present economical situation. This trend could be however reversed if users would improve their security awareness. There is still a great market potential in companies, government bodies and private consumers. ICT security awareness in last ten years has been really minimal. Would be of utmost utility, both for private and public bodies, entities to promote in a modern and intelligent way both a security culture an assurance infrastructure in order to guarantee on the market both security plans and solutions. Such entities would act as national counterparts of Enisa, the recently established UE agency for networks and information protection.

Professional Certifications

Sat, 01 Jan 2005 13:48:55 +0100

0412-certifications.html

CISSP

By: Francesco Mariani, CISA, CISM, CISSP
f.mariani (AT) isacaroma.it

Only recently administered in Italy, while widely known and spread all around the world, CISSP (Certified Information Systems Security Professional) designation is the well-deserved standard of vendor-independent infosecurity certifications, so that it was recently granted ISO17024 accreditation.

Interview with Dario Forte, “Incident Response" teacher

Tue, 26 Oct 2004 10:20:53 +0200

No title

An academic competence centre for ICT security. A course designed for computer security incident response team.

Hello Dario, let’s start with your academic experience. How did get started working with the University? What do you teach?

Interview with Stefano Zanero, Ph.D. student in Security Engineering

Mon, 25 Oct 2004 10:00:11 +0200

No title

He has graduated “cum laude” from the Politecnico of Milano school of engineering; he is currently a Ph.D. student in the Department of Electronics and Information of the same university. Among his current research interests, besides learning IDSs, are the performances of security systems and clustering techniques.