Essays and Op Eds by Category

Business of Security

November 8, 2013 • The Atlantic
A Fraying of the Public/Private Surveillance Partnership

August 21, 2013 • Bloomberg.com
How Companies Can Protect Against Leakers

August 12, 2013 • The Atlantic
The NSA Is Commandeering the Internet

June 6, 2013 • Harvard Business Review
You Have No Control Over Security on the Feudal Internet

March 3, 2013 • New York Daily News
Take Stop-and-Scan with a Grain of Salt

November 11, 2009 • The Guardian
Reputation is Everything in IT Security

September 2009 • Information Security
Is Perfect Access Control Possible?

June 4, 2009 • The Guardian and The Japan Times
Be Careful When You Come to Put Your Trust in the Clouds

April 23, 2009 • The Guardian and Gulf Times
How the Great Conficker Panic Hacked into Human Credulity

March 12, 2009 • The Guardian
Blaming The User Is Easy -- But It's Better to Bypass Them Altogether

February 16, 2009 • The Wall Street Journal
Thwarting an Internal Hacker

Jan 2009 • Information Security
State Data Breach Notification Laws: Have They Helped?

October 2008 • Information Security
Does Risk Management Make Sense?

September 2, 2008 • CSO Magazine
Security ROI: Fact or Fiction?

August 21, 2008 • Wired News
Boston Court's Meddling With "Full Disclosure" Is Unwelcome

August 10, 2008 • Security Watch
The Problem Is Information Insecurity

August 7, 2008 • The Guardian
Why Being Open about Security Makes Us All Safer in the Long Run

July 17, 2008 • The Guardian
Software Makers Should Take Responsibility

June 30, 2008 • Wired News
I've Seen the Future, and It Has a Kill Switch

June 12, 2008 • Wired News
The Pros and Cons of Lifelock

May 29, 2008 • Wired News
Why Do We Accept Signatures by Fax?

May 26, 2008 • CIO
How to Sell Security

April 17, 2008 • Wired News
Prediction: RSA Conference Will Shrink Like a Punctured Balloon

March 2008 • Information Security
Consolidation: Plague or Progress

February 7, 2008 • Wired News
With iPhone, "Security" Is Code for "Control"

Nov/Dec 2007 • IEEE Security and Privacy
The Death of the Security Industry

October 5, 2007 • OutlookBusiness
Paying the Cost of Insecure Software [PDF]

May 3, 2007 • Wired News
Do We Really Need a Security Industry?

February 27, 2007 • Minneapolis Star Tribune
Privatizing the Police Puts Us at Greater Risk

January 2007 • ENISA Quarterly
Information Security and Externalities

November 30, 2006 • Wired News
My Data, Your Machine

November 2006 • Information Security
Do Federal Security Regulations Help?

September 7, 2006 • Wired News
Quickest Patch Ever

July 2006 • Information Security
Are Security Certifications Valuable?

May 4, 2006 • Wired News
Everyone Wants to "Own" Your PC

April 20, 2006 • Wired News
The Anti-ID-Theft Bill That Isn't

February 9, 2006 • Wired News
Fighting Fat-Wallet Syndrome

November 17, 2005 • Wired News
Real Story of the Rogue Rootkit

June 23, 2005 • New York Daily News
Make Businesses Pay in Credit Card Scam

April 2005 • Communications of the ACM
Two-Factor Authentication: Too Little, Too Late

Jan/Feb 2005 • IEEE Security and Privacy
Authentication and Expiration

April 2004 • IEEE Computer
Hacking the Business Climate for Network Security

February 2004 • Communications of the ACM
Risks of PKI: Electronic Commerce

January 18, 2002 • CNET News.com
Trust, but Verify, Microsoft's Pledge

2002 • IEEE Computer Magazine
The Case for Outsourcing Security

March 2001 • Communications of the ACM
Insurance and the Computer Industry

February 2001 • Information Security
The Insurance Takeover

November 1999 • Information Security
A Plea for Simplicity

August 1999 • ZDNet
Web-Based Encrypted E-Mail

January 26, 1999 • ZDNet
Intel's Processor ID

back to Essays and Op Eds

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..