IBM: IGT Case Study

IBM – IGT Case Study – Application Security with Artificial Intelligence and Machine Learning I talked for IBM‘s case study on Application Security at IGT. By employing the machine learning and AI-based capabilities of IBM® Security AppScan® application security software, … Continued

SHA-3 Winner is KECCAK

The National Institute of Standards and Technology (NIST) announced on October 2, 2012 the selection of KECCAK as the winner of the SHA-3 Cryptographic Hash Algorithm Competition and the new SHA-3 hash algorithm. Keccak makes use of the sponge construction … Continued

Possible Approaches to Information Security

There are three possible approaches to information security: reactive, proactive, and predictive. Reactive Information Security – Post incident detection, analysis, notification, containment, eradication, and remediation. Proactive Information Security – Avoiding or opposing threats against computers and networks through understanding the … Continued

Security Risk Management for Critical Infrastructures

Two colleagues and I presented paper titled “Security Risk Management for Critical Infrastructures” at itAIS 2011 Conference, “Information Systems: a crossroads for organization, management, accounting and engineering”, held in Rome, Italy, October 7 – 8, 2011. Abstract: This paper presents … Continued

Location Based Services – Security and Privacy Aspects

On September 28th, I delivered presentation on topic “Location Based Services – Security and Privacy Aspects” on global group Telenor Security Conference 2011. Abstract: Location based services are fast growing area in various types of businesses, particularly concerning mobile operators … Continued

Citation at Fourth Balkan Conference in Informatics

One statement from our earlier book, which has been published 2007, was cited at IEEE Conference Journal. It is interesting and actual for many organizations at moment: “Security is a process of keeping necessary level of risk in acceptable boundaries. That means security is a continual process and not a final state. Organization or institution can’t consider itself “secured” after last security check. That process needs to be continual.”
DOI link: