September/October 2014

IEEE Security & Privacy magazine cover

From the Guest Editor

This special issue will give you a greater understanding of what CSIRTs are and how they work. For the security researcher, these articles highlight challenges faced by operational security, presenting opportunities for new research avenues. Security practitioners can use the diverse perspectives presented in these articles to help them be more effective at their jobs. And policy makers can gain insights into how their work might impact these critical organizations. Read full article »

About IEEE Security & Privacy

IEEE Security & Privacy magazine provides articles with both a practical and research bent by the top thinkers in the field along with case studies, tutorials, columns, and in-depth interviews and podcasts for the information security industry.

Articles from IEEE Security & Privacy

An Anthropological Approach to Studying CSIRTs

An Anthropological Approach to Studying CSIRTs

The ethnographic method of participant observation can help researchers better understand the challenges that computer security incident response teams face by illuminating underlying assumptions and tacit practices that shape how tools are actually used in different contexts. Read full article »

Can We Afford Privacy from Surveillance?

Can We Afford Privacy from Surveillance?

Will the economics of improving IT lead us to more or less personal privacy? Our ability to protect from surveillance the personal information that we store and transmit digitally is in question; it's not about living off the grid, it's about affording the privacy of our information that's already on the grid. Read full article »


Seeking Editor in Chief

seeking EIC

The IEEE Computer Society seeks applicants for the position of editor in chief, serving a two-year term starting 1 January 2016. The EIC would need to be available for training and interim activity beginning 1 October 2015.

Prospective candidates are asked to provide (as PDF files), by 1 August 2014, a complete curriculum vitae, a brief plan for the publication's future, and a letter of support from their
institution or employer.

Qualifications and Requirements

Candidates for any IEEE Computer Society editor in chief position should possess a good understanding of industry, academic, and government aspects of the specific publication's field. In addition, candidates must demonstrate the managerial skills necessary to process manuscripts through the editorial cycle in a timely fashion. An editor in chief must be able to attract respected experts to his or her editorial board.

Major responsibilities include

  • actively soliciting high-quality manuscripts from potential authors and, with support from publication staff, helping these authors publish their manuscripts;
  • identifying and appointing editorial board members, with the concurrence of the Publications Board;
  • selecting competent manuscript reviewers, with the help of editorial board members, and managing timely reviews of manuscripts;
  • directing editorial board members to seek special-issue proposals and manuscripts in specific areas;
  • providing a clear, broad focus through promotion of personal vision and guidance where appropriate; and
  • resolving conflicts or problems as necessary.

Applicants should possess recognized expertise in the computer science and computer security community, and must have clear employer support.

Contact Information

For more information on the search process and to submit application materials for IEEE Security & Privacy, please contact: Kathy Clark-Fisher at kclark-fisher@computer.org.


Authentication at Scale

Arguing that it's time to give up on elaborate password rules, Google Vice President of Security Eric Grosse and engineer Mayank Upadhyay present a better way to achieve stronger user identification. Read full article »


Silver Bullet Security Podcast with Gary McGraw

Silver Bullet Security Podcast logo

Brian Krebs
On the 103rd episode of the Silver Bullet Security Podcast, Gary talks with Brian Krebs, reporter and blogger at Krebs on Security. Gary and Brian discuss how growing up with a computer affected their future careers in security, MUD vs. MAD, why "old media" can't support in-depth security reporting, and why the government continues to be five years behind the security curve. They close out talking about Brian's experience of writing Spam Nation. More podcast episodes »