From the Fall 2022 Issue

The Ransomware Threat in Healthcare: 2022

Author(s):

John Price, Chief Executive Officer, SubRosa

Since the onset of the COVID-19 pandemic, the healthcare sector has witnessed a series of sweeping changes that have transformed its digital landscape. From the rise of telemedicine to the increased integration of medical IoT devices, many of these changes have extended the capabilities of healthcare providers and helped them deliver better patient experiences. As …

From the Fall 2022 Issue

Women in Cybersecurity Law: Undermining Prejudices

Author(s):

Elizabeth B. Shirley, Partner, Burr & Forman LLP

Girls and women too often avoid pursuing studies and careers in fields based in math and science, such as information technology, cybersecurity and, in the context of law, cybersecurity law. Indeed, there is (and was) a misperception and deeply rooted prejudice that girls and women are, by nature, not good at math and science. These …

From the Fall 2022 Issue

Putting Risk Back into Cyber Risk Management

Author(s):

Shawn M. Thompson, Founder and CEO, ITMG

Corporations are faced with the omnipresent threat of security attackers, both external and internal, seeking to steal money or information, disrupt operations, destroy critical infrastructure, or otherwise compromise data-rich institutions. There’s no shortage of money or technological tools being devoted to support cyber risk management, as such threats are high on the agendas of senior …

From the Fall 2022 Issue

Vulnerability Management – Doing IT Right

Author(s):

Sarith Somasundaran Pullanikkat, Security Program Manager, Meta Platforms, Inc.

Any organization — big or small — with an Internet presence has to deal with malicious actors trying to compromise them. Exploiting open vulnerabilities in systems exposed to the web is one of the most common approaches adversaries use to penetrate an organization. Once they are in, they can use any number of techniques to …

From the Fall 2022 Issue

Through the Lens of a CISO

Author(s):

Andres Andreu, CISO, 2U, Inc.

A modern-day cybersecurity leader, typically a Chief Information Security Officer (CISO), needs to look at the world, its events, its meta-data, its features and its people in a very specific way in order to be successful. While some of this may sound borderline paranoid to outsiders, a good CISO develops a healthy respect for opposing …

From the Fall 2022 Issue

Using Behavior Profiling to Identify Insider Threats – Part 2

Author(s):

Richard Benack, Principal Investigator, Hiperformance Security

INTRODUCTION

In the previous article, we talked about the importance of identifying risky and threatening behavior from people working in an organization. But that is only half the story. The most important part of keeping an organization safe from insiders is detecting and countering threatening behavior. Detection and countering of insider threats requires both a …

From the Fall 2022 Issue

Seizing Opportunities – Developing Inner Resiliency!

Author(s):

Diane M Janosek, PhD, JD, CISSP, LPEC, Senior Legal Advisor, WiCyS Mid-Atlantic

In today’s world, cyber professionals are on 24/7 to keep mission systems secure and operational, but what has one done for oneself lately? As the world has changed due to the pandemic, so have personal and professional routines. The biggest challenge often experienced, but infrequently discussed, is how does a cybersecurity professional stay on the …

From the Fall 2022 Issue

Information Wars: How Disinformation is the Fastest Growing Cyber Threat

Author(s):

Gabrielle Hempel, Systems Engineer, RSA Security

Disinformation campaigns have been an enormous part of today’s political landscape—but do they pose a cybersecurity threat as well? Targeted disinformation campaigns often leverage various parts of the Internet and rely heavily on social media platforms to communicate their intended content. However, disinformation has become a critical aspect of many cyber-attacks, and the manipulation of …

From the Fall 2022 Issue

Who’s Responsible for the Death of Privacy?

Author(s):

A.J. Nash, Vice President of Intelligence, ZeroFOX

In the last 40 years, the industrialized world has become reliant on interconnected technologies, with nearly all communication now accomplished through email, cellular phones, and various messaging systems. Additionally, nearly all records — from the critical to the mundane — are stored in connected environments not controlled by those who routinely entrust their data to …

From the Fall 2022 Issue

Anonymous Hacktivism

Author(s):

Ellen Cornelius, J.D., J.D., The Center for Health & Homeland Security

Flying the Flag of Feminist Ethics for the Ukraine IT Army[1]

In January 2022, Russia began its assault. Russian forces launched wiper malware against Ukraine’s Foreign Ministry and networks used by the cabinet.[2] Russia launched several attacks such as Distributed Denial-of-Service (DDoS) attacks against Ukrainian banking and defense websites in early February, and again, Russia …