Lieberman Software

October 2010

Top of Mind

Legislation: A Good First Step to Cybersecurity Leadership

Philip  Lieberman
President & CEO
Lieberman Software

A year can make a big difference in technology – and in politics. A year ago, the federal government was failing badly at establishing a leadership position in cybersecurity. Interim cybersecurity czar Melissa Hathaway had resigned amid delays to appoint a full-time federal director. The politicians were thinking about anything but the defense of our nation’s computing infrastructure. And the attacks kept rolling in.

Fortunately, things for the good guys have improved. We’ve got a veteran in Howard Schmidt firmly established in the federal cybersecurity leadership role. And, more importantly, the legislators are working hard to give him and other security leaders within the government enough authority, tools and cash to actually make a difference in the fight for digital ground.

I’ve long been an advocate of establishing cybersecurity laws that have teeth and authority to prevent and deter attacks to our infrastructure. I believe that the drafts that we’re seeing of Senator Joe Lieberman’s Protecting Cyberspace as a National Asset Act of 2010 are a good first effort from legislators in order to do that.

The law provides guidance and authority to establish a cabinet level position in cybersecurity with authority, staff and budget to carry out important security initiatives. And it also provides considerable prescriptive guidance in the way the government deals with known infected computers that are perpetuating attacks against national infrastructure.

I especially find the first point extremely refreshing. The fact that at the executive level we are going to provide accountability for both success and failure of different federal agencies in regard to whether or not they achieve security is encouraging. The bill is quite specific – when agencies don't achieve security requirements, their leaders are subject to loss of bonuses and loss of incentive pay.

Read the rest of “Legislation a good first step to cybersecurity leadership” in SC Magazine.

What do you think? Email me at:


Tech Tip of the Month

Securing Application Credentials

Enterprise Random Password Manager continuously secures embedded passwords in web application tiers, packaged software programs, line-of-business applications, custom programs and more – automatically changing embedded passwords according to rules that you define for complexity and change frequency, and synchronizing all changes across interdependent tiers to prevent lockouts and service disruptions. Learn More.


  Follow us on Twitter!

Customer Snapshot: Carnegie Mellon

Carnegie Mellon University is a global research university with more than 11,000 students, 84,000 alumni, and 4,000 faculty and staff.

The Situation: The IT staff required a way to automatically update and securely store privileged account passwords to help protect data.

The Solution: Enterprise Random Password Manager (ERPM) was deployed to the enterprise and operational in less than one day.

The Result: Local accounts are now updated with unique passwords on a routine basis and all sensitive privileged passwords are securely stored in a vault.

“It took less than one day from the time that we started the installation until we changed all of the privileged passwords on our machines. It was that simple. ERPM satisfied our purchase criteria on day one. Now we’re in the value-add stage." - Joe Corey, Windows Services Team Lead, Carnegie Mellon IT Group

Click here to read the detailed case study.

What's New in Identity Week

Featured commentary on our
Identity Week blog this month includes:

  • October is CyberSecurity Awareness Month. October 2010 is the seventh annual CyberSecurity Awareness Month, a campaign to remind Americans of a shared responsibility to protect the nation’s cyber networks and information infrastructure...
  • Blueprint for Destruction. Last weekend the Washington Post published an analysis showing how the notorious Stuxnet worm could become the model for a cyber attack on US infrastructure...
  • PIM, PUM, and IAM Explained. As the Identity Management market continues to evolve we’ve noticed growing confusion regarding the differences between Privileged Identity Management (PIM) , Privileged User Management (PUM), and numerous other terms...

Events / Press / Analysts
  • Lieberman Software Grows Worldwide Sales Through Expanded Global Partner Program. In addition to Aquion, other recent additions to Lieberman Software’s international partner program include NetBR and Secure1 Technology in Brazil, Nanjgel Solutions in Dubai, Magix Integration in South Africa, INSERTO AG in Switzerland, PRIOLAN and IBV Informatik GmbH in Germany and GE Multitech in the United Arab Emirates.
  • PODCAST: The Impact of Evolving Cybersecurity Threats. Philip Lieberman talks about his experiences as an advisor on the Lieberman-Collins cybersecurity bill and the next steps in this legislative process, cybersecurity threats to the utilities industry, the problems associated with a shortage of domestic IT security professionals, and his extensive experience helping secure data in government agencies, military organizations, and private industry. (14:37)
  • Biggest insider threat? Sys admin gone rogue. Network World. The Lieberman password-manager software is sometimes referred to as a type of "firecall" tool that gives top IT managers a way to approve accounts for elevated rights of domain temporarily. It requires multiple individuals with manager status to approve any elevation of account.
  • Google Could Drive Mobile Two-Factor Authentication Model. Dark Reading. "How many people are going to want to take an SMS message every time they want to log into their e-mail?" says Phil Lieberman, founder of Lieberman Software. "It's impractical for e-mail, which is something you're accessing all day long. And any security that is inconvenient will generally not be used and discarded.

Lieberman Software Corporation respects your right to privacy, and believes any information you provide us should be protected from disclosure to others. For more information, please read our privacy policy. You are receiving this email because you have granted us permission to contact you. If you do not wish to receive email messages from Lieberman Software in the future, please click here.

Lieberman Software Corporation
1900 Avenue of the Stars, Suite 425
Los Angeles, CA  90067
           |    (01) 310-550-8575  |