Security Principles Versus the Real World
Moderator:
Gary McGraw, Chief Technology Officer, Cigital
Panelists:
Eugene Spafford, Executive Director of the Center for Education and Research in Information Assurance and Security (CERIAS) and Computer Sciences Professor, Purdue University
Jim Routh, CISO, Aetna
Keith Gordon, Information Security & Risk Mgmt Exec, Capital One
Marcus Ranum, Chief Security Officer, Tenable
Years ago, Saltzer and Schroeder identified a set of security principles meant to guide security design. Today, with computer security more important than ever, the question at hand is how these principles align with the real world (or don’t). This panel pits academia (Matt Bishop) and security gurus (Marcus Ranum) against the real-world CISOs from Aetna and Visa in a knockdown, drag-out fight.