From the Summer 2024 Issue

The Human Factor: Users as Security Sensors

Author(s):

Phillip R. Hasse, President/CEO, Contextual IT Solutions

If there is any consensus within IT security, it is that the security provided is often ineffective in preventing or detecting unauthorized activity. Attackers’ agility often exceeds the defenders’ ability to adapt to changing tactics and technologies. Typically, the response is to provide faster machines and more capable software. It’s like a high-stakes chess game …

From the Summer 2024 Issue

Exploring the Differences Between Bug Hunters and Pentesters

Author(s):

Aditya Agrawal, Core Lead Pentester, Cobalt

In the following, we’ll talk about how to transition from a Bug Hunter to a Pentester. It’s important to note that this content is intended to be an objective comparison with a real person’s experiences. These professions have individual pros/cons that add value to the security industry as a whole. It’s not uncommon to meet …

From the Summer 2024 Issue

DevSecOps 2026: Working Beyond the Organization

Author(s):

Devin Price, Senior Application Security Analyst, NowSecure

By 2026, what will the landscape of DevSecOps look like? How can organizations prepare for this future in the present? Before we can speculate on the future of DevSecOps, we must first consider how it came to be. Before DevSecOps, there was simply DevOps. The goal of DevOps was to allow the development and operations teams within an organization to work together as one cohesive unit, instead of two separate entities. The combination of these teams resulted in a decrease of time for both continuous integration and deployment (Rajapakse, Zahedi, Babar, & Shen, 2021). From the . . .

From the Summer 2024 Issue

Data Privacy: Regulations, Risks & Practicing Good Cybersecurity Hygiene

Author(s):

Mathew Scott, MCFE, Vice President, Equipment Consulting, J.S. Held

Introduction

In a world that revolves around the collection and use of various forms of data, continuously assuring the privacy of data being collected and stored is a major factor in cybersecurity hygiene, i.e. habitual practices for ensuring the safe handling of critical data and for securing networks. Managing the privacy of one’s data includes …

From the Summer 2024 Issue

Digital Pandemics: Are They Now A Thing?

Author(s):

Mark Cunningham-Dickie, Senior Incident Responder, Quorum Cyber

Merriam-Webster’s Dictionary defines a pandemic as an “outbreak of a disease that occurs over a wide geographic area (such as multiple countries or continents).” The recent COVID-19 outbreak is an example of a pandemic with which the world is now unfortunately familiar. If the word “disease” is exchanged with the term “ransomware attack,” then the …

From the Spring 2024 Issue

Brown Paper Packages Tied Up With Cyber – the Consumer Package Goods Industry and Cybersecurity

Author(s):

Henry J. Sienkiewicz, Faculty, Georgetown University

Introduction

A doorbell rings, a text message arrives – a package has been delivered to a front porch or loading dock. The Consumer Packaged Goods (CPG) industry delivers a wide range of products sold to consumers – safely, reliably, and routinely – from grocery stores to department stores. The CPG industry comprises businesses involved in producing, …

From the Spring 2024 Issue

Microsegmentation’s Role in Compliance: Meeting Regulatory Requirements

Author(s):

Larry Letow, CEO, U.S., CyberCX

Introduction

In today’s interconnected world, regulatory compliance has become a top priority for organizations across various industries. Businesses must adhere to an ever-growing list of laws and regulations designed to protect sensitive data and maintain the security and privacy of customers and stakeholders. One crucial technology that has emerged to assist organizations in achieving regulatory …

From the Spring 2024 Issue

Shielding Projects: Cybersecurity Strategies for PMOs

Author(s):

Rahul Yadav, Founder & CEO, Feasti

In this digital era, organizations face cyber threats with severe consequences. These threats are primarily due to remote working, the usage of unsecured devices or the use of outdated antivirus software. An effective cybersecurity strategy involves risk assessment for effective resource allocation. Moreover, security systems such as encryption and firewall software stop unauthorized access. Project …

From the Spring 2024 Issue

The Evolving Dynamics of Product and Operational Technology Security Within the Semiconductor Industry

Author(s):

Krishna Chaitanya Tata, Operational Technology Cybersecurity Leader, IBM

Introduction

Security within products is the need of the hour across manufacturing organizations, more so within semiconductor manufacturing. Secure by Design is an imperative that organizations are adopting very rapidly. This is very critical for the manufacturing industry as it is the most targeted industry for cybersecurity attacks in the last year. The graphic below …