Fall 2016 Archives

From the Fall 2016 Issue

Reducing Risk

Three Steps to Implementing an Insider Threat Program

Author(s):

Raj Ananthanpillai, CEO, IDentrix

THERE ARE MAJOR CHANGES ON THE HORIZON FOR GOVERNMENT CONTRACTORS WHO WORK WITH THE DEPARTMENT OF DEFENSE. There are major changes on the horizon for government contractors who work with the Department of Defense. By the end of November, the new Defense Security Service (DSS) NISPOM Change 2 will impact DoD contractors, requiring them to … Read more

From the Fall 2016 Issue

Reducing Risk

LINGERING VULNERABILITIES

Author(s):

Ragu Ragunathan, Principal Cybersecurity Consultant, Web Traits, Inc.

Most organizations depend on a complex set of information systems for their mission-critical functions. The risks to these systems and the information they contain are one of many concerns for management at all levels. For practical, operational reasons, most organizations will often allow for a few vulnerabilities that impact their information systems, with a plan … Read more

From the Fall 2016 Issue

Reducing Risk

The Cybersecurity Poverty Line

Author(s):

Mike Dombo, Vice President, Sales, Point3 Security, Inc.

In her 2013 RSA presentation, “Living Below the Security Poverty Line: Coping Mechanisms,” Wendy Nather coined the term “Security Poverty Line” to better elaborate on the dismal state of security in organizations’ application development shops.1 There are the haves and the have-nots when it comes to cybersecurity. An organization’s ability to protect itself from attack … Read more

From the Fall 2016 Issue

Reducing Risk

Elevating Cybersecurity to an Organizational Risk Management Function

Author(s):

Michael Volk, Cybersecurity Specialist, PSA Insurance & Financial Services

The environment of cybersecurity is complex and uncertain, but it is at times framed in the context of a game that is predictable and defined by rules. This approach can lead to an overreliance on advanced cybersecurity tools to predict and prevent incidents. It may also result in placing too much pressure on IT experts … Read more

From the Fall 2016 Issue

Defending the Network

Cybersecurity for Wireless Devices and Networks

Author(s):

Philip Green, President/CEO, INNOPLEX, LLC

In the cybersecurity environment, the role a cyber-attacker plays in a given scenario is much easier to execute than that of a defender. This assertion is a basic tenet of cybersecurity operations that most security professionals around the world acknowledge. In general terms, an attacker needs to find only one weakness or intrusion opportunity, while … Read more

From the Fall 2016 Issue

Defending the Network

Signals and Noise: Examining Flaws in SS7

Author(s):

Connie Uthoff, Program Director, The George Washington University

In mid-August of 2016, a hacker referred to as “Guccifer 2.0” allegedly released documents stolen from the Democratic Congressional Campaign Committee (DCCC), including the personal cell phone numbers and email addresses of nearly all Democrats in the House of Representatives. The same hacker claimed credit for the recent Democratic National Committee (DNC) hacks; which resulted … Read more

From the Fall 2016 Issue

Defending the Network

Incentivize Me: The Story of IoT & Malware

Author(s):

Craig Harper, Chief Technology Officer, Sysorex

Wow-factor. It’s one of the best parts of new technology. Childhood dreams and impossible ideas have not only come to exist, but are highly integrated into our daily lives. The Internet of Things (IoT) phenomenon has the wow-factor that so many seek and try to harness in their ideas and products. But those who are … Read more

From the Fall 2016 Issue

Feature Article

Counting Down from Zero

Author(s):

Amanda Fortner, Managing Editor, United States Cybersecurity Magazine

“Zero-day.” The word is enough to strike fear into the hearts of even the most seasoned cyber-warriors. If a zero-day vulnerability has been uncovered in the system they’re supposed to be defending, all of their training and preparation, their work hardening the network to attacks, has been rendered null and void. There’s no point in … Read more

From the Fall 2016 Issue

Preparing for Tomorrow’s Threats

Cybersecurity Attacks Threaten 9-1-1 Response

Author(s):

Timothy Lorello, President & CEO, SecuLore Solutions

Our public safety infrastructure is under cyber-attack! Like every other part of the internet-based economy, these systems are continuously exposed to attacks that have been increasing at an alarming rate. Over 240 million 9-1-1 calls are made every year, with over 75% coming from wireless phones.1,2 Almost 6,000 public-safety answering points (PSAPs) field the calls … Read more

From the Fall 2016 Issue

Preparing for Tomorrow’s Threats

Illuminating Issues of Grid Cybersecurity

Author(s):

Joseph S. Abrenio, Vice President of Commercial Services, Delta Risk LLC

Introduction Ongoing cyber-attacks are the new normal. Whether they’re the work of politically or criminally-motivated individuals, or the coordinated efforts of nation-state actors, our nation’s critical assets will continue to be bombarded by digital attacks. Those protecting our critical infrastructure must be vigilant to the ever-evolving cyber threats to the industry. Many of these threats … Read more

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.