From the Fall 2019 Issue

Running on a Treadmill: Breaking Through Ingrained, Ineffective Solution Habits

Author(s):

Adam Firestone, Editor-in-Chief , United States Cybersecurity Magazine

harmful-products

Christopher McDougall’s 2009 book Born to Run:  A Hidden Tribe, Superathletes, and the Greatest Race the World Has Never Seen paints a damning picture of an industry dedicated to a profitable but harmful product line. With each successive product generation, the extent of the damage caused by reliance on the product grows, driving purchases of … Read more

From the Fall 2019 Issue

From the Editor-in-Chief

Author(s):

Adam Firestone, Editor-in-Chief , United States Cybersecurity Magazine

Hello, Albert Einstein is widely reputed to have said that the definition of insanity is doing the same thing repeatedly and expecting different results. While Einstein never actually uttered these words, they are a useful illustration of much of what happens across the American cybersecurity community.  Breached? Conventional wisdom says that the root cause is … Read more

From the Fall 2019 Issue

A Paradigm Shift in Data Security

Author(s):

Andres Andreu, Founder / CTO, nTropic Security, Inc.

Data Security-header

Files; we all use them on a daily basis. Undeniably, they are often at the center of successes and failures on many fronts. Files rule the business world from presentations to legal documents. Files also have an enormous impact on our personal lives and, given the proliferation of social media files, are more important now … Read more

From the Fall 2019 Issue

DoD Contractors Prepare for CMMC Assessment and Certification in 2020

Author(s):

Chor-Ching Fan, President and CEO, Rizkly

CMMC Assessment and Certification in 2020

Department of Defense (DoD) contractors understand that demonstrating security and compliance is critical to winning business with the Pentagon. Recently, the DoD has announced a new security standard designed to address cybersecurity concerns for contractors providing products and services for the defense supply chain.[1] The Cybersecurity Maturity Model Certification (CMMC) will require cybersecurity audits and … Read more

From the Fall 2019 Issue

IT Governance to Streamline and Strengthen Your Cybersecurity Posture

Author(s):

Dr. Michael C. Redmond, Director, IT and GRC Consulting and Audit, EFPR Group

Redmond -feature-Governance

When Equifax became arguably the first firm to have its outlook downgraded due to the cybersecurity issues recently, the long-term impact of cyber ignorance became amply clear. Today, as organizations are leveraging more and more digital systems of engagement, transactions, and records, the ramifications of an adverse cyber event are getting bigger. The attacks are … Read more

From the Fall 2019 Issue

from the {Publisher}

Author(s):

Karen Austin, Publisher, United States Cybersecurity Magazine

Greetings, Welcome to the Fall 2019 issue of the United States Cybersecurity Magazine! As always, we’d like to take a moment to thank our supporters, members, sponsors, contributors, and everyone else who makes the magazine possible. All of us here at the United States Cybersecurity Magazine remain committed to bringing you, our readers, the best … Read more

From the Fall 2019 Issue

Practical Advice for DoD Contractor Cybersecurity Compliance

Author(s):

Glyn Cashwell, Esq., JD, CISSP, CSEP, PMP, PE, ProObject/Cashwell Legal, LLC

Compliance

There are a number of questions that small businesses frequently ask about cybersecurity compliance within their organization. It is important for the DoD small business community to better understand Controlled but Unclassified Information (CUI), DFARS 252.204-7012, and Cybersecurity Maturity Model Certification (CMMC). What Exactly is Controlled but Unclassified Information (CUI)? CUI must be clearly marked … Read more

From the Fall 2019 Issue

The Maryland National Guard: Cybersecurity From Army to Air

Author(s):

Caleb Townsend, Staff Writer, United States Cybersecurity Magazine

175th Cyberspace Operations Group

The Maryland National Guard is a state defense team that has over 300 cyber personnel who bring cutting-edge military training and their civilian capabilities to support state and federal missions. The United States Cybersecurity Magazine had the opportunity to partake in a round table discussion with Col. Reid Novotny, Joint Staff/J6-C4 & Cyber, Col. Vic … Read more

From the Fall 2019 Issue

We Hear The Problems, But What Are The Solutions?

Author(s):

Tina C. Williams-Koroma, President/CEO, TCecure, LLC

Problem and Solutions

Where should we even start? That is a common question among company owners and executives when it comes to being presented with new cyber threats, compliance requirements, and/or regulations. There are malicious actor threats to their organizations. Additionally, companies face the hammer of non-compliance fines and often unfunded new governmental mandates. At many cybersecurity conferences, … Read more

From the Fall 2019 Issue

Avoiding Phantom Risk – Chasing Exploitability, Not Vulnerability

Author(s):

Alex Haynes, CISO, Cheshire Data Systems Ltd.

exploitability

The gravest warning a pen test report could contain are the words “The host may be vulnerable to remote code execution”.  It is hard to know what that immediately means. Did they get system access on a host? Nope. Was there a public exploit available for that version of software that enabled remote code execution? … Read more