From the Fall 2016 Issue

Lingering Vulnerabilities

Author(s):

Ragu Ragunathan, Principal Cybersecurity Consultant, Web Traits, Inc.

Most organizations depend on a complex set of information systems for their mission-critical functions. The risks to these systems and the information they contain are one of many concerns for management at all levels. For practical, operational reasons, most organizations will often allow for a few vulnerabilities that impact their information systems, with a plan …

From the Fall 2016 Issue

The Cybersecurity Poverty Line

Author(s):

Mike Dombo, Vice President, Sales, Point3 Security, Inc.

In her 2013 RSA presentation, “Living Below the Security Poverty Line: Coping Mechanisms,” Wendy Nather coined the term “Security Poverty Line” to better elaborate on the dismal state of security in organizations’ application development shops.1 There are the haves and the have-nots when it comes to cybersecurity. An organization’s ability to protect itself from attack …

From the Fall 2016 Issue

Elevating Cybersecurity to an Organizational Risk Management Function

Author(s):

Michael Volk, Cybersecurity Specialist, PSA Insurance & Financial Services

The environment of cybersecurity is complex and uncertain, but it is at times framed in the context of a game that is predictable and defined by rules. This approach can lead to an overreliance on advanced cybersecurity tools to predict and prevent incidents. It may also result in placing too much pressure on IT experts …

From the Fall 2016 Issue

Cybersecurity for Wireless Devices and Networks

Author(s):

Philip Green, President/CEO, INNOPLEX, LLC

In the cybersecurity environment, the role a cyber-attacker plays in a given scenario is much easier to execute than that of a defender. This assertion is a basic tenet of cybersecurity operations that most security professionals around the world acknowledge. In general terms, an attacker needs to find only one weakness or intrusion opportunity, while …

From the Fall 2016 Issue

Signals and Noise: Examining Flaws in SS7

Author(s):

Connie Uthoff, Program Director, The George Washington University

In mid-August of 2016, a hacker referred to as “Guccifer 2.0” allegedly released documents stolen from the Democratic Congressional Campaign Committee (DCCC), including the personal cell phone numbers and email addresses of nearly all Democrats in the House of Representatives. The same hacker claimed credit for the recent Democratic National Committee (DNC) hacks, which resulted …

From the Fall 2016 Issue

Incentivize Me: The Story of IoT & Malware

Author(s):

Craig Harper, Chief Technology Officer, Sysorex

Wow-factor. It’s one of the best parts of new technology. Childhood dreams and impossible ideas have not only come to exist, but are highly integrated into our daily lives. The Internet of Things (IoT) phenomenon has the wow-factor that so many seek and try to harness in their ideas and products. But those who are …

From the Fall 2016 Issue

Counting Down from Zero

Author(s):

Amanda Fortner, Managing Editor, United States Cybersecurity Magazine

“Zero-day.” The word is enough to strike fear into the hearts of even the most seasoned cyber-warriors. If a zero-day vulnerability has been uncovered in the system they’re supposed to be defending, all of their training and preparation, their work hardening the network to attacks, has been rendered null and void. There’s no point in …

From the Fall 2016 Issue

Cybersecurity Attacks Threaten 9-1-1 Response

Author(s):

Timothy Lorello, President & CEO, SecuLore Solutions

Our public safety infrastructure is under cyber-attack! Like every other part of the internet-based economy, these systems are continuously exposed to attacks that have been increasing at an alarming rate. Over 240 million 9-1-1 calls are made every year, with over 75% coming from wireless phones.1,2 Almost 6,000 public-safety answering points (PSAPs) field the calls …

From the Fall 2016 Issue

Illuminating Issues of Grid Cybersecurity

Author(s):

Joseph S. Abrenio, Vice President of Commercial Services, Delta Risk LLC

Introduction: Ongoing cyber-attacks are the new normal. Whether they’re the work of politically or criminally-motivated individuals, or the coordinated efforts of nation-state actors, our nation’s critical assets will continue to be bombarded by digital attacks. Those protecting our critical infrastructure must be vigilant to the ever-evolving cyber threats to the industry. Many of these threats …