Archives: Articles

From the Winter 2016 Issue

DFARS Implementation and Compliance: The New Interim Rule

Author(s):

Christine Kinyenje, Founder and Principal Consultant, CKSecurity Solutions

In response to recent Executive orders and mounting pressure after high-profile government data breaches, the Department of Defense (DoD) approved an interim rule Defense Federal Acquisition Regulation Supplement: Network Penetration Reporting and Contracting for Cloud Services for the Defense Federal Acquisition System (DFARS Case 2013–D018), taking immediate effect. The rule, which will affect many government … Read more

From the Winter 2016 Issue

BUREAUCRATIZING INNOVATION TO BETTER SECURE CYBERSPACE

Author(s):

J. L. Billingsley, Advisory Board Member, Cyber Security Forum Initiative

For those entrusted with defending the nation against increasing cyberspace-related threats while operating in a fiscally constrained environment, the need to innovate is clear. One way to manage the inherent risk associated with the imbalance between ends and means is to embrace innovation.1 While many in the defense community equate innovation with integrating private sector … Read more

From the Winter 2016 Issue

The Inheritable Cloud Security Model

Author(s):

Dr. Alenka Brown, President , McClure, Brown & Associates LLC

Dr. Merrick S. Watchorn, DMIST, Cloud Security Solutions Architect / SME, Science Applications International Corporation (SAIC)

The influence of the cloud on the IT industry continues to grow in direct proportion to cost-cutting measures and profitability. The cloud concept enables those in charge to agree on a total cost of ownership (TCO) pricing model or the concept of shared costs, which includes acquisition, exchange, and post-possession.1 Additionally, the cloud provides pools … Read more

From the Winter 2016 Issue

Building a Cyber Lifecycle: The CyberTexas Foundation

Author(s):

Amanda Fortner, Managing Editor, United States Cybersecurity Magazine

The creation of a cyber warrior involves every element of an individual’s community: the schools that train them, the businesses that hire them, and the government that develops, enables, and protects the infrastructure necessary to sustain this evolution. But it’s not some neat assembly-line process, each budding cyber expert moving from school to work to … Read more

From the Winter 2016 Issue

Social Insecurity

Author(s):

Natalie Blackbourne, President, Blackbourne Worldwide

Influence and manipulation occur every day. Deadlines at work are accomplished because your boss used their influence to get things done; somehow that adorable Scout talked you into buying an extra box of cookies; or your annoying coworker magically got you to do an extra hour of work after buying you a latte. All of … Read more

From the Winter 2016 Issue

Cybersecurity Takes the Right Person

Author(s):

Don Watson, CISSP, Senior Cyber Instructor/Senior Software Engineer, VOR Technology

There is unprecedented demand right now for qualified cyber specialists to fill the ranks of government and civilian positions.1 Although there are many people with expertise in advanced computer and network technologies, many of these workers lack experience in the security-related aspects of these technologies. As a programmer I wasn’t taught how to write secure … Read more

From the Winter 2016 Issue

How to Gain Allies and Infuence Your Services Team’s Success

Author(s):

Michelle Covert, Manager, Production Support SILA-C, Vertafore

The information security and customer service groups within an organization often make for odd bedfellows, due to the competing and often divergent goals between the two groups. Security teams’ goals are to protect and prevent the loss of customer data, information, proprietary code, or practices; services teams are focused on resolving customer-reported issues as quickly … Read more

From the Winter 2016 Issue

Cybersecurity Education’s Cargo Cult

Author(s):

Mark R. Heckman, Ph.D., CISSP, CISA, Professor of Practice, Shiley-Marcos School of Engineering University of San Diego

During the Second World War, isolated island natives in the South Pacific observed how easily Allied military personnel based on the islands could obtain food and other supplies. The soldiers put on headsets, spoke into microphones, and airplanes soon appeared carrying the valuable cargo. When the war ended and the islanders were isolated once again, … Read more

From the Winter 2016 Issue

Cyber Literacy in the Age of Attacks

Author(s):

Dr. Jane A. LeClair, President, Washington Center for Cybersecurity Research & Development

Understanding personal computers’ hardware, operating systems, and applications is a good first step towards obtaining the knowledge and skill necessary for cyber literacy.  Much of the existing cybersecurity literature centers around defending the complex digital systems belonging to large corporations. Much less attention is paid to providing the average user with the basic knowledge and … Read more

From the Winter 2016 Issue

Multinationalism in Digital Forensics

Author(s):

Paul Kubler, Red Team Lead, CYBRI

Native-language tools and exploits have recently started gaining momentum in the ever-growing sphere of multinational cybercrime, as hackers develop tools in their own language. It’s common knowledge that much of the malware discovered today has been written by foreign language-speaking authors. In a speech to the Australian National Press Club two years ago, Eugene Kaspersky … Read more