From the Summer 2021 Issue

A (very) Brief Introduction to Open Source Intelligence (OSINT)

Author(s):

Nihad A. Hassan, Author , OSINT.link

A (very) Brief Introduction to Open Source Intelligence (OSINT)

Introduction Open Source Intelligence (OSINT) is a collective term used to describe all techniques and tools used to harvest information from publicly available resources in a timely manner to support a specific intelligence requirement. There was no particular date when the term OSINT was first coined; however, the act of gathering intelligence from publicly available … Read more

From the Summer 2021 Issue

The Subtle Sabotage of Blame in Cybersecurity and Online Safety

Author(s):

Tim McGuinness, Ph.D, Director , SCARS - Society of Citizens Against Relationship Scams Inc.

subtle-sabotage-of-blame

We All Do It, We All Blame Someone for Something Sometimes it is justified, sometimes there is cause, and it is very hard to remove it from your vocabulary – but it is always destructive. We recently heard a cybersecurity training professional tell a story about motivating a corporate team to do better with cybersecurity. … Read more

From the Summer 2021 Issue

Zero Trust: Is It All It’s Cracked Up To Be Or Is It Hype? Or A Bit of Both?

Author(s):

Tina Gravel, SVP Global Channels and Alliances , Appgate

Zero Trust

Few enterprise security technologies have garnered as much attention and hype as Zero Trust over the past decade. Yet, despite all the buzz, there remains a great deal of confusion and uncertainty in the market – is Zero Trust a framework, a reference architecture, or an actual technology? Does the Zero Trust model match the … Read more

From the Summer 2021 Issue

So, You Want to be a Threat Hunter?

Author(s):

Ray Espinoza, CISO, Cobalt

Threat Hunter

The general goal of threat hunting is to actively identify attackers who have made it past an organization’s cyber-defenses so those infiltrators can be halted before significant damage is done. You can think of threat hunters almost like detectives, on a race against time to catch cybercriminals as quickly as possible. As you can imagine, … Read more

From the Summer 2021 Issue

New Executive Order Knocks Down Old Barriers

Author(s):

James Everett Lee, Chief Operating Officer, The Identity Theft Resource Center

New Executive Order

Southwest Airlines (SWA), Flight 1380, was climbing through 32,000 feet on the morning of April 17, 2018. At approximately 11:03 am, fan blade No. 13 of the left engine shattered along a previously undetected stress fracture. A 12-inch section, weighing about 6.825 pounds and a two-inch section of a fan blade weighing .650 pounds, separated … Read more

From the Summer 2021 Issue

Accelerating Critical Infrastructure Security in The Energy Sector

Author(s):

Chuck Brooks, President , Brooks Consulting International

Accelerating Critical Infrastructure Security in The Energy Sector

Critical energy infrastructure has been under siege by threat actors. The May 7, 2021, cyberattack against Colonial Pipeline is illustrative of the growing impact of cyberthreats on the energy sector and the need to prioritize cyber-defenses. “Senators Maggie Hassan (D-N.H.) and Ben Sasse (R-Neb.) recently introduced legislation called The National Risk Management Act that is intended to protect … Read more

From the Summer 2021 Issue

Flashing Red Lights: Cybersecurity for Intelligent Transportation Systems

Author(s):

Christopher J. Brown, Author ,

Henry J. Sienkiewicz, Author,

Red lights, yellow lights, green lights. A flashing light?  A traffic warning sign?  Recognized as a critical infrastructure by the Department of Homeland Security (DHS), the transportation system is essential to modern life. From the skies to the seas to the railways to the roadways, and to bike lanes and pedestrian crossing, this highly complex … Read more

From the Summer 2021 Issue

Developing Gamification and E-sports for Space and Cybersecurity Skills Development

Author(s):

-William J. "Bill" Britton, Vice President of Information Technology and Chief Information Officer, California Polytechnic State University

Danielle Borrelli, Operations Coordinator & Program Lead for the Trafficking Investigations Hub , California Cybersecurity Institute

Developing Gamification

Last year, the United States saw a record high number of cyber-attacks impacting businesses, government entities, and individuals. Sophisticated threat actors continue to produce and enhance attacks that cripple critical infrastructure, with SolarWinds being the latest example. According to IDG Research Services, 80% of senior IT and IT security leaders believe their organizations are not … Read more

From the Summer 2021 Issue

Chesapeake Science & Security Corridor Supports Army Readiness, Resilience Through Networked Defense Industry Base and CMMC Framework

Author(s):

Karen Holt, Deputy Director and Federal Installation Administrator, Harford County Government, MD

Chesapeake-Science-&-Security-Corridor-Supports

The Chesapeake Science and Security Corridor (CSSC)’s epicenter is Harford County, MD, home to Aberdeen Proving Ground (APG). Inside the gates of this 100+ tenant Department of Defense (DoD) Research, Development, Test & Evaluation (RDT&E) megabase are six Centers of Excellence including C5ISR, and the highest concentration of advanced degrees on a U.S. military installation. … Read more