Energy Control Systems Security

November/December 2014

IEEE Security & Privacy magazine cover

From the Guest Editors

Control system operations staff are highly specialized. They're a healthy mix of deep, narrow experts — power engineers and petroleum engineers, for example — and less educated technicians who slowly evolve from field workers to supervisors. For an industry in which 50-year-old equipment remains commonplace, cybersecurity is a brand new requirement, and there's a shortage of qualified expertise available to address it. It will be up to our community to bridge the gap. Read full article »

About IEEE Security & Privacy

IEEE Security & Privacy magazine provides articles with both a practical and research bent by the top thinkers in the field along with case studies, tutorials, columns, and in-depth interviews and podcasts for the information security industry.

Articles from IEEE Security & Privacy

An Organizational Psychology Perspective to Examining Computer Security Incident Response Teams

An Organizational Psychology Perspective to Examining Computer Security Incident Response Teams

Generally, computer security incident response team (CSIRT) managers and team members focus only on individual-level skills. The field of organizational psychology can contribute to an understanding of the full range of CSIRT job requirements, which include working as a team and within a larger multiteam system. Read full article »

An Anthropological Approach to Studying CSIRTs

An Anthropological Approach to Studying CSIRTs

The ethnographic method of participant observation can help researchers better understand the challenges that computer security incident response teams face by illuminating underlying assumptions and tacit practices that shape how tools are actually used in different contexts. Read full article »


Seeking Editor in Chief

seeking EIC

The IEEE Computer Society seeks applicants for the position of editor in chief, serving a two-year term starting 1 January 2016. The EIC would need to be available for training and interim activity beginning 1 October 2015.

Prospective candidates are asked to provide (as PDF files), by 1 August 2014, a complete curriculum vitae, a brief plan for the publication’s future, and a letter of support from their
institution or employer.

Qualifications and Requirements

Candidates for any IEEE Computer Society editor in chief position should possess a good understanding of industry, academic, and government aspects of the specific publication’s field. In addition, candidates must demonstrate the managerial skills necessary to process manuscripts through the editorial cycle in a timely fashion. An editor in chief must be able to attract respected experts to his or her editorial board.

Major responsibilities include

  • actively soliciting high-quality manuscripts from potential authors and, with support from publication staff, helping these authors publish their manuscripts;
  • identifying and appointing editorial board members, with the concurrence of the Publications Board;
  • selecting competent manuscript reviewers, with the help of editorial board members, and managing timely reviews of manuscripts;
  • directing editorial board members to seek special-issue proposals and manuscripts in specific areas;
  • providing a clear, broad focus through promotion of personal vision and guidance where appropriate; and
  • resolving conflicts or problems as necessary.

Applicants should possess recognized expertise in the computer science and computer security community, and must have clear employer support.

Contact Information

For more information on the search process and to submit application materials for IEEE Security & Privacy, please contact: Kathy Clark-Fisher at


Authentication at Scale

Arguing that it's time to give up on elaborate password rules, Google Vice President of Security Eric Grosse and engineer Mayank Upadhyay present a better way to achieve stronger user identification. Read full article »


Silver Bullet Security Podcast with Gary McGraw

Silver Bullet Security Podcast logo

The History of Public Key Cryptography with Whitfield Diffie
Gary speaks with Whitfield Diffie, a pioneer of public-key cryptography. They discuss the history of public key cryptography, Diffie’s work on the "proof of correctness of programs," and if backdoors into crypto systems are a bad idea. They close out by discussing art. More podcast episodes »