From the Fall 2021 Issue

From the Editor-in-Chief

Author(s):

Adam Firestone, Editor-in-Chief , United States Cybersecurity Magazine

Hello, 1977 was a great year, for so many reasons.  Not least among them was the release of the Ramones’ Rocket to Russia album, on side one (remember when albums had sides?) of which, Joey sang: I don’t care (He don’t care) I don’t care (He don’t care) I don’t care about these words I … Read more

From the Fall 2021 Issue

From the Publisher

Author(s):

Karen Austin, Publisher, United States Cybersecurity Magazine

Greetings, Welcome to National Cybersecurity Awareness Month and the Fall 2021 issue of the United States Cybersecurity Magazine!  As always, we’d like to take a moment to thank our supporters, sponsors, contributors and everyone else who makes the magazine possible.  All of us here at the United States Cybersecurity Magazine remain committed to bringing you, … Read more

From the Fall 2021 Issue

Breach and Attack Simulation: The Newest Way to Test Your Defenses

Author(s):

Paul Kubler, Head of Red Team Operations, CYBRI

Breach and Attack Simulation

Breach and Attack Simulation (BAS) is a new component of a proactive cybersecurity program. The simulation is designed to continuously assess your security controls based on configuration, scanning, and testing leveraging more automation than a traditional pentest. BAS, as it is known, is designed to enhance a regular vulnerability scanning program and consolidate the view … Read more

From the Fall 2021 Issue

Synthetic Identity Fraud (SIF): Combating the Phantom Menace

Author(s):

Dr. Rebecca Wynn, Global CISO & Chief Privacy Officer ,

Synthetic Identity Fraud

The article will explain what Synthetic Identity Fraud (SIF) is; why you should care; and what to do to protect yourself/child/business. It is a high-level overview meant to be informative and educational. By the end of the reading, you will hopefully agree with this premise and these definitions. Half-Artificial and Half-Human: A Synthetic Identity (SID); … Read more

From the Fall 2021 Issue

Penetration Testing: Why Leaks Need to Be Sealed

Author(s):

Michael Lassiter Jr., President, Strong Exploits, LLC

Penetration Testing_ Why Leaks Must Be Seales

Penetration testing is arguably one of the most necessary operations within cybersecurity and its importance is becoming more relevant to C-level executives. It is estimated that almost 70% of business leaders believe that their cybersecurity risks are increasing; therefore, there is a great need for continuous reduction of these risks. As threats continue to evolve … Read more

From the Fall 2021 Issue

Cybersecurity: The Anatomy of Ransomware Attacks

Author(s):

Ricoh Danielson, Cyber Security Incident Responder,

The Academy of Ransomware Attacks

Ransomware is a form of malware that utilizes a number of vectors to access computers. With the rise of cloud, mobile, and remote work, ransomware attacks have significantly increased as have ransom demands. An example of a common vector is phishing which is delivered via email and allows a threat actor to control a victim’s … Read more

From the Fall 2021 Issue

Practicing What We Preach: Working Together to Mitigate Cyber Threats

Author(s):

Stacey Wright, Vice President, Cyber Resiliency Services, Cybercrime Support Network (CSN)

Practicing What We Preach

Pogo infamously stated in a 1970 cartoon “we have met the enemy and he is us.” As cybersecurity professionals, we recognize that humans are the weakest link when it comes to securing our businesses. We ask employees to not open suspicious attachments or click on suspicious links; to use strong, unique passwords; to follow rules … Read more

From the Fall 2021 Issue

Patchwork State Privacy Legislation vs Federal Law: Small and Midsize Businesses Would Benefit from One Clear Path

Author(s):

Michelle A. Schaap, Team Leader, Privacy & Data Security Practice, Chiesa Shahinian & Giantomasi PC

Once Clear Path

Privacy initiatives are gaining traction across the country. The problem is that the states’ laws are inconsistent, leaving small and mid-sized businesses, in particular, struggling to understand by which laws they are bound and which “reasonable” means to implement towards securing the personal information they control and process. Moreover, while all 50 states have breach … Read more

From the Fall 2021 Issue

Pros and Cons of Paying Ransomware

Author(s):

Dr. Jason Edwards, Cybersecurity Strategy Principal, USAA

Griffin Weaver, Senior Legal Counsel, Dell Technologies

Introduction Ransomware is one of the most prolific cybersecurity threats that businesses face. A combination of a virus and a worm, combined with numerous social engineering techniques, have made it a billion-dollar industry for criminals across the planet.  Ransomware is a common and fast-growing industry made even worse through modern franchising by more extensive and … Read more