Stories by Scott Berinato

The endless broadening of security

In September 2003, CSO published a groundbreaking interview with security guru Bruce Schneier. At the time, Schneier was evolving from cryptographer to general security thinker. An emerging generation of internet criminals and the new realities of a post-9/11 world were fueling his ideas beyond information security to the broader realm where technology and the physical world interacted. He was beginning to see security as a social science. "Real security means making hard choices," Schneier said at the time. It's one of his favorite interviews, and one of ours, too.
Now, nearly five years later, we wanted to find out how Schneier's views on security have evolved since then. Of course his views have changed -- Schneier is not one to let his ideas settle into complacency. For Schneier, who is Chief Security Technology Officer of BT, security keeps getting broader, more general, more related to every aspect of our lives. Security, which started for him as fixed equations used for hiding digital data, has become nothing less than the fundamental catalyst for all human behavior. "I have come to believe that security is fundamentally about people," he says.

Written by Scott Berinato16 June 08 22:00

Should surveillance cameras detect criminals or deter crime?

At the recent ASIS show in Las Vegas, among booths where vendors hocked everything from locks to tasers to bomb-sniffing dogs was a booth for a vendor selling Graffiti Cam. The portable, covert surveillance camera detects "graffiti-related motion," snaps pictures and e-mails them to the police as it sends text messages to their cell phones that say, essentially, "Hey, get down here." All the while, it collects TV-quality video on a tamper-resistant, encrypted memory card.
At only US$5,000 per camera, Graffiti Cam seems like a home run. It arrives at a time when public surveillance has gained tacit, creeping acceptance and when graffiti has become a $12 billion migraine for cities and towns--a kind of aerosol spam that they desperately want to scotch because it's bad for business. Social scientists call this the broken windows theory: Vandalism leads people to sense a place is unsafe and broken down, so they leave, which in turn makes the place actually become unsafe and broken down. Reality follows perception.

Written by Scott Berinato12 Jan. 08 22:00

Top 10 data breaches of 2007

If there's only one thing you'll remember from 2007, it will be Britney Spears' meltdown. But if there are two things you remember, it will be Britney and the thousands of data breaches that were reported in 2007, right? Right? Well, it's what we'll remember, and since we don't necessarily do celeb gossip (unless you've got a good security angle...) we decided to offer up a review of the best and worst of Disclosure '07.
Each breach gets rated on our nifty, unscientific "Class-Action Outrage Scale," judging the likelihood that ambulance-chasing lawyers could have a field day. Look out We estimate nine of 10 lawyers are outraged on behalf of your 1.3 million victims.

Written by Scott Berinato25 Dec. 07 22:00

Confessions of a mob CIO

People call me a lot of things, but nobody would ever call me a CIO. Yet after reading CIO magazine a little bit, I guess that’s basically what I am. Maybe I’m a little younger than you, a little more techie. I know my routers and code.
Yeah, I deal with the same stuff you do. Same headaches. I’m constantly fixing stuff and trying to do whatever helps the bosses grow the business, as you call it.

Written by Scott Berinato29 Sept. 07 22:00

The .Net revolution

Four years ago, CIOs worried that .Net, which Microsoft was proclaiming a revolutionary new software architecture, was just another name for lock-in. "I'm not confident that Microsoft .Net will be compliant with open standards," Brett Kottman, then the e-commerce director for Excellence in Motivation, told CIO in 2001.
He wasn't alone. In a CIO Research Report from that year, seven out of 10 CIOs said they wouldn't adopt .Net. Just one in four said Microsoft's motivation for launching .Net was technical; nearly 60% said the motivation was marketing.

Written by Scott Berinato04 Dec. 05 22:00

Bronze age bastion

Last summer, Internet guru Vint Cerf proclaimed that the Internet is moving from its Stone Age to its Iron Age. Soon after, Internet guru Paul Mockapetris slightly altered that sentiment and said that, at best, the Internet has reached a figurative Bronze Age, which filled the two millennia between the Stone and Iron Ages.

Written by Scott Berinato05 April 05 19:22

How to save the Internet

Professor Hannu H. Kari of the Helsinki University of Technology is a smart guy, but most people thought he was just being provocative when he predicted, back in 2001, that the Internet would shut down by 2006. "The reason for this will be that proper users' dissatisfaction will have reached such heights by then that some other system will be needed,"

Written by Scott Berinato15 March 05 21:04

The art of securing pricelessness

The art of museum security is no less profound than some of the masterpieces hanging in the space that needs protecting. It makes sense out of a paradox. To make works of art difficult to steal or damage--while at the same time allowing a connection between the masterpiece and the beholder--requires generous amounts of planning, some cool technology and a little ingenuity. We found someone with experience in all three: Steven R. Keller, principal of his own museum security consultancy and former executive director of protection services at the Art Institute of Chicago. We asked Keller to show us how he'd secure a priceless painting if money were no object. The security program he designed is comprehensive; it not only protects the work itself, but also the room it hangs in and the museum as a whole.

Written by Scott Berinato07 Sept. 04 20:37

The sophisticated adversary

Darl McBride, the embattled CEO of The SCO Group Inc., visited our office recently and when he showed up, his eyes were sagging. They were red-rimmed, glassy and bloodshot and, overall, he looked worn. But it wasn't because of the litigious morass he'd created by suing IBM Corp. and others over the alleged plagiarism of Unix code that his company owns--at least not directly. McBride looked haggard because of a virus called Mydoom.

Written by Scott Berinato21 June 04 18:27

Bob Moore knows how not to get fired

Nearly 30 years of experience and four jobs in corporate security, including his current post as executive director of global security at Merck & Co., and not once has Bob Moore been let go, laid off, fired or otherwise left to "pursue other interests," as the transparent euphemism goes.
He attributes his perfect record to the kinds of things you'll find in all the management and leadership books--honesty, confidence, good staffing, experience. But then he backs it up. He demonstrates how the dog wags the tail, not vice versa. He hasn't been fired, in part, because of his credibility. Sounds nice. But then Moore explains in large block paragraphs how he gained credibility--by reporting to legal counsel, for one. And by creating global security policies in which the most detailed section is not on what employees can and cannot do, but on the ethical guidelines for his own security team.

Written by Scott Berinato17 Nov. 03 22:00

A modest prescription to remedy's ills

Dr. Paul Ellwood, among the most important voices in American health care during the past three decades, believes there's only one way to fix the nation's health-care system: Embrace computers.
In the 1970s, US managers used HMOs to cut costs. And in spite of those efforts, climbing health-care costs are a famous fact. In 1960, health care made up 5 percent of the gross domestic product. By 2000, it hit 13 percent, according to the government.

Written by Scott Berinato10 July 03 22:00

All Systems Down

A blow-by-blow record of one of the worst health-care IT crises in history and what CareGroup CIO John Halamka learned from it.

Written by Scott Berinato11 April 03 10:54

Ideas 2003: Big brother IT

After 9/11 and after the Enron follies, more security (and, concomitantly, less privacy) became the order of the day. Right now, to the concern of some and the delight of others, formerly niche monitoring and tracking technology applications are being repurposed for more general, widespread use. Here are three you will encounter in 2003.

Written by Scott Berinato26 Jan. 03 22:00

The 1000-day ERP rollup

By Scott Berinato
In the go-go '90S, large companies everywhere decentralized and customized their ERP systems. Now that the party's over, it's time to clean up and work on the difficult task of integrating many systems into one. This kind of systems rollup will be the predominant type of ERP project CIOs at large companies will face during the next half-decade.

Written by Scott Berinato25 Jan. 03 22:00