Archives: Articles

From the Spring 2016 Issue

Technology and the Tension between Security and Privacy

Author(s):

Connie Uthoff, Program Director, The George Washington University

At the Electronic Privacy Information Center (EPIC) Champions of Freedom event in June 2015, Apple CEO Tim Cook stated, “Like many of you, we at Apple reject the idea that our customers should have to make tradeoffs between privacy and security. We can and we must provide both in equal measure. We believe that people … Read more

From the Spring 2016 Issue

What’s Next for Cybersecurity in Maryland?

Author(s):

Amanda Fortner, Managing Editor, United States Cybersecurity Magazine

When asked about his recent transition from Garrison Commander at Fort George G. Meade to Director of Cyber Development in the Maryland Department of Commerce (previously the Maryland Department of Business and Economic Development), Ken McCreedy laughed and said, “It’s been a whirlwind.” The retired U.S. Army colonel has taken on this prestigious role in … Read more

From the Spring 2016 Issue

The Changing Tide of Enterprise IT

Author(s):

Tom Caldwell, Co-Founder/EVP, CyberFlow Analytics

The expansion of network-connected devices that has been dubbed the Internet of Things (IoT) has also brought about a sea change in enterprise information technology (IT). While this change has been occurring over several years, it is now accelerating, drawing increased attention and necessitating adjustment. Traditional enterprise IT shops are often separated into silos containing … Read more

From the Spring 2016 Issue

Reinforcing the Links to Strengthen the Chain: Vendor Risk Management

Author(s):

Jennifer Donaldson, CRISC, Senior Vendor Risk Analyst, FedEx Services

Kimberly Lofties, CRISC, Senior Vendor Risk Analyst, FedEx Services

Housekeeping, landscaping, tax preparation, and automobile services are all best left to the experts. Private individuals outsource because it saves time and money, and businesses do the same. The top reasons companies outsource are to lower operational and labor cost, and to focus on their core business functions.1 Outsourcing relieves the pressures of large monetary … Read more

From the Spring 2016 Issue

Maryland Cybersecurity: We Are Many, We Are One

Author(s):

Gina Palladino, Owner, Silver Tree Consulting, Inc.

Stacey Smith, Executive Director, Cybersecurity Association of Maryland, Inc.

“Maryland has effectively leveraged its existing assets, proximity to the federal government, and strong leadership both at the gubernatorial and congressional delegation level to brand itself as the ‘cybersecurity epicenter’ of the country.” A bit of cybersecurity history In 1903, magician and inventor Nevil Maskelyne disrupted John Ambrose Fleming’s public demonstration of Guglielmo Marconi’s supposedly … Read more

From the Spring 2016 Issue

Information Security: THE CYBER CHESS CLUB

Author(s):

Cait von Schnetlage, MBA, CEO, Full Suite Solutions

Information security doesn’t start and end with business development experts and implementation specialists. It should have its roots within the foundations of a company, its core concept, and its leadership. Information security practices need to be built into all business processes, including how personnel communicate within the organization and externally with customers, vendors, and competition. … Read more

From the Spring 2016 Issue

Can Employee Behavior Indicate an Insider Threat?

Author(s):

Jim Mazotas, Founder, OnGuard Systems LLC

Larry Letow, CEO, U.S., CyberCX

While technology can play an important role in identifying an insider threat, it is equally important not to overlook behavioral patterns. Malicious employees often provide warning signs as they move from the idea of acting ‘not in accordance with established policies’ to outright data theft. These signs often take the form of changes in attitude … Read more

From the Spring 2016 Issue

The Nomad Project: Targeting Security and Availability Issues in the Cloud

Author(s):

Henry Au, Electrical Engineer, SPAWAR Systems Center Pacific

Mamadou Diallo, Computer Scientist, SPAWAR Systems Center Pacific

Megan Kline, Mathematician, SPAWAR Systems Center Pacific

Michael August, Cloud and Mobility Engineer, SPAWAR Systems Center Pacific

Patric Petrie, Lead Staff Writer, SPAWAR Systems Center Pacific

Roger Hallman, Mathematician, SPAWAR Systems Center Pacific

Organizations with sensitive data cannot take advantage of cloud computing because of security and availability concerns.  Cloud computing uses the Internet to manage, store, and process data remotely, instead of locally.  The three deployment models of cloud computing, infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS), offer … Read more

From the Spring 2016 Issue

The Roots of the IoT Forest

Author(s):

Lauren Edwards, Director of Marketing, Sysorex

The IoT is often viewed as a hurricane of attention-hungry little pieces of technology strewn about and constantly chatting.  The Internet of Things (IoT) is on track to land a spot on 2016’s “Buzzwords to Avoid” list, but this is a misunderstanding. The Internet of Things isn’t just about connected toasters or watches, and to … Read more

From the Spring 2016 Issue

Automating Cybersecurity Using Software-Defined Networking

Author(s):

Chris Christou, , Booz | Allen | Hamilton

Michael Lundberg, , Booz | Allen | Hamilton

A key enabler of these malicious attacks is system and network misconfiguration, which remains a major cause of information technology (IT) infrastructure vulnerabilities.  Large-scale cyber-attacks continue to make headlines around the world. While data breaches can have catastrophic and costly consequences, hackers can also cause havoc by interrupting organization operations through distributed denial-of-service (DDoS) attacks. … Read more