From the Fall 2015 Issue

Cybersecurity and Leadership: A Changing Landscape

Author(s):

Connie Uthoff, Program Director, The George Washington University

Within the past few years the increase of cyber-attacks in both severity and quantity has introduced risks that impact board members and CEOs more directly than ever before. Previously, the boardroom was not a place where members often concerned themselves with cyber- or technology-related issues. Organizations would hire chief technology or chief information officers to … Read more

From the Fall 2015 Issue

REVIEWING LESSONS LEARNED FROM THE INSIDER THREAT

Author(s):

Jim Mazotas, Founder, OnGuard Systems LLC

Larry Letow, CEO, U.S., CyberCX

As the United States observes National Cybersecurity Awareness Month, we are reminded that organizations of all varieties are at risk for cyber-attacks. Even the largest operations are not immune to the serious ramifications that come with security breaches. In order to operate safely and effectively, organizations need to be vigilant about their cybersecurity practices. While … Read more

From the Fall 2015 Issue

If Information Sharing Is Such a Good Thing, Why Aren’t More Companies Doing It?

Author(s):

Ira E. Hoffman, Esq., Of Counsel, Butzel Long

OUR NATIONAL SECURITY RELIES ON OUR ABILITY TO SHARE THE RIGHT INFORMATION, WITH THE RIGHT PEOPLE, AT THE RIGHT TIME. Our national security relies on our ability to share the right information, with the right people, at the right time.1 While the high-profile attacks against Target, e-Bay, Home Depot, Nieman Marcus, JPMorgan Chase, Sony Pictures … Read more

From the Fall 2015 Issue

“Hack-a-Shaq” or Hack Attack

Author(s):

Joseph Bowens, Sr. Signals Analyst, Visionist, Inc.

Shaquille O’Neal was easily one of the top 50 greatest NBA players, if not one of the greatest basketball players of all time. However, over his career, Shaq shot a paltry 0.527 free throw average. With this in mind, Dallas Mavericks coach Don Nelson orchestrated a plan during the 2008 playoffs to put Shaq on … Read more

From the Fall 2015 Issue

Getting Compliance and Security Right: The Importance of an Integrated, Effective, and Efficient Plan

Author(s):

Celia David, Director, Energy Practice, Navigant

Kenneth Lotterhos, Managing Director, Energy Practice, Navigant

Matthew M. Blizard, Director, Energy Practice, Navigant

The Challenges of the Bulk Electric System  Protecting the nation’s interstate power grid has never been more challenging or more important. Cyber and physical attacks are on the rise and digital equipment is proliferating on the grid, simultaneously enhancing reliability through automation and increasing the potential for vulnerability from cyber intrusions. Reversing the digital trend … Read more

From the Fall 2015 Issue

PLANNING AND EXECUTING AN EFFECTIVE DATA BREACH EXERCISE

Author(s):

Anthony M. Chapa, Assistant Director and Chief Technology Officer, retired, United States Secret Service

Eric L. Qualkenbush, Director, Office of Central Cover; Director, Training and Education, retired, Central Intelligence Agency

T. Casey Fleming, Chairman and CEO, BLACKOPS Partners Corporation

Why Regular Data Breach Exercises Are Required  Data breaches continue to trend up exponentially for all U.S. companies, government agencies, universities, and research facilities. Today, even our smartphones, public Wi-Fi, and homes are consistently being hacked for access to sensitive data. Nation states and privateer hackers have grown dramatically in numbers and capability over the … Read more

From the Fall 2015 Issue

Nobody’s Perfect: Why You Should Be Focused on Detection, Containment, and Response

Author(s):

Paul Caiazzo, Principal, TruShield Security Solutions, Inc.

Target. The United States Office of Personnel Management. Home Depot. UCLA. United Airlines. On the surface, these organizations seem to have more differences than similarities. But while they may operate in very different industries across the public and private sectors, these organizations do share a number of key commonalities which, when viewed together, illustrate a … Read more

From the Fall 2015 Issue

Moving Past Passwords: PIV Credentials for Mobile Device Users

Author(s):

William (Curt) Barker, Cybersecurity Standards and Technology Advisor, National Cybersecurity Center of Excellence

How many accounts do you have that require a username and password? And how many of those usernames and passwords are the same? Chances are that the answer is quite a few. The drive to create more secure passwords, requiring case-sensitive letters, numbers, symbols, and high minimum character counts, often drives people to reuse passwords … Read more

From the Fall 2015 Issue

HOW GOVERNMENTS CAN TURN BYOD FROM A CHALLENGE INTO AN OPPORTUNITY

Author(s):

Joseph Petroski, Senior Director of Sales Engineering, CellTrust Corporation

Bring your own device (BYOD) is not new to government organizations. For years, employees have used their own computers and laptops for work. What has changed is the dramatic rise in mobile device use for both personal and professional interactions. As a result, state and federal government agencies are looking at new ways to support … Read more

From the Fall 2015 Issue

What Is Lurking in the IT Shadows?

Author(s):

Joel Dolisy, CTO and CIO, SolarWinds

Despite its ever-growing presence in federal agencies, shadow IT remains as difficult to define as it is to detect. Shadow IT generally refers to the trend of users adopting IT tools and solutions that are outside of the knowledge or control of the official IT department. For example, most IT departments provide email to employees, … Read more