Access: Restricted

From the Fall 2022 Issue

Putting Risk Back into Cyber Risk Management

Author(s):

Shawn M. Thompson, Founder and CEO, ITMG

Cyber Risk Management

Corporations are faced with the omnipresent threat of security attackers, both external and internal, seeking to steal money or information, disrupt operations, destroy critical infrastructure, or otherwise compromise data-rich institutions. There’s no shortage of money or technological tools being devoted to support cyber risk management, as such threats are high on the agendas of senior … Read more

From the Fall 2022 Issue

Vulnerability Management – Doing IT Right

Author(s):

Sarith Somasundaran Pullanikkat, Security Program Manager, Meta Platforms, Inc.

Vulnerability Management - Fall 2022

Any organization — big or small — with an Internet presence has to deal with malicious actors trying to compromise them. Exploiting open vulnerabilities in systems exposed to the web is one of the most common approaches adversaries use to penetrate an organization. Once they are in, they can use any number of techniques to … Read more

From the Fall 2022 Issue

Through the Lens of a CISO

Author(s):

Andres Andreu, CISO, 2U, Inc.

Through the Lens of a CISO

A modern-day cybersecurity leader, typically a Chief Information Security Officer (CISO), needs to look at the world, its events, its meta-data, its features and its people in a very specific way in order to be successful. While some of this may sound borderline paranoid to outsiders, a good CISO develops a healthy respect for opposing … Read more

From the Fall 2022 Issue

Using Behavior Profiling to Identify Insider Threats – Part 2

Author(s):

Richard Benack, Principal Investigator, Hiperformance Security

using-behavior-profiling-part-2-benack-fa22

INTRODUCTION In the previous article, we talked about the importance of identifying risky and threatening behavior from people working in an organization. But that is only half the story. The most important part of keeping an organization safe from insiders is detecting and countering threatening behavior. Detection and countering of insider threats requires both a … Read more

From the Fall 2022 Issue

Seizing Opportunities – Developing Inner Resiliency!

Author(s):

Diane M Janosek, PhD, Esq, CISSP, CEO, JANOS LLC

Seizing Opportunities-Janosek- Fall 2022

In today’s world, cyber professionals are on 24/7 to keep mission systems secure and operational, but what has one done for oneself lately? As the world has changed due to the pandemic, so has personal and professional routines. The biggest challenge often experienced, but infrequently discussed, is how does a cybersecurity professional stay on the … Read more

From the Fall 2022 Issue

Information Wars: How Disinformation is the Fastest Growing Cyber Threat

Author(s):

Gabrielle Hempel, Systems Engineer, RSA Security

Information Wars

Disinformation campaigns have been an enormous part of today’s political landscape—but do they pose a cybersecurity threat as well? Targeted disinformation campaigns often leverage various parts of the Internet and rely heavily on social media platforms to communicate their intended content. However, disinformation has become a critical aspect of many cyber-attacks, and the manipulation of … Read more

From the Fall 2022 Issue

Who’s Responsible for the Death of Privacy?

Author(s):

A.J. Nash, Vice President of Intelligence, ZeroFOX

Who's Responsible for the Death of Privacy

In the last 40 years, the industrialized world has become reliant on interconnected technologies, with nearly all communication now accomplished through email, cellular phones, and various messaging systems. Additionally, nearly all records — from the critical to the mundane — are stored in connected environments not controlled by those who routinely entrust their data to … Read more

From the Fall 2022 Issue

Leveraging Artificial Intelligence to Optimize IT Ops

Author(s):

Chris Hitchcock, Senior Associate, KPMG

Epiphany Smith, Senior Associate, KPMG

Sallie Sweeney, Director/Tech Enablement, KPMG

Leveraging Artificial Intelligence

Artificial Intelligence (AI) is all around us. Smartphones, navigational software, and online shopping have become part of the foundation for conducting our day to day lives. Artificial Intelligence is already embedded, to some degree, across most of these modern technology platforms. At its core, Artificial Intelligence is the development of computer systems to perform tasks … Read more

From the Fall 2022 Issue

AI-Enabled Cyber Operations

Author(s):

Dr. Scott Jasper, Senior Lecturer, Captain, U.S. Navy, Retired, Naval Postgraduate School

AI-Enabled Cyber Operations

Strategists Daniel Araya and Rodrigo Nieto-Gomez proclaim that Artificial Intelligence (AI) has evolved into a “powerful driver of social transformation,” manifested by Machine Learning (ML) in a wide range of mainstream commercial applications.[1]  As renown entrepreneur Steve Blank explains, AI solves problems, makes decisions, and performs tasks that “traditionally require humans to do.”[2]  ML is … Read more

From the Fall 2022 Issue

Auric Goldfinger and the Rise of Privacy Enhancing Technologies

Author(s):

David W. Archer, PhD, Principal Scientist, Niobium Microsystems and Galois, Inc.

David Archer - PETs Feature

“Mr. Bond, they have a saying in Chicago: ‘Once is happenstance. Twice is coincidence. The third time it’s enemy action’.” Goldfinger’s not wrong: When the same topic comes up three times in short succession from seemingly independent sources, something is going on. That’s currently the case with the positive, friendly action of the U.S. Government’s … Read more