Issue: Spring 2021

From the Spring 2021 Issue

Five Best Practices for Cloud Security

Author(s):

Alex Jones, Information Security Manager, Cobalt.io

5-best-practices-for-cloud-storage

Companies of all sizes are rapidly moving to cloud-based technology to enable a remote workforce and support critical business functions in the challenging pandemic environment. While the expansion of cloud services has exponentially accelerated through COVID-19, the truth is they have been growing rapidly even before the pandemic. These shifts increase companies’ attack surface and … Read more

From the Spring 2021 Issue

Cybersecurity: The Danger of Comfort Zones

Author(s):

Dr. Rebecca Wynn, Chief Cybersecurity Strategist & CISO, Click Solutions Group

cybersecurity-the-danger-of-comfort-zones

The biggest danger of any organization is comfort zones. These comfort zones are seen in silos and in the culture of “we have always done things this way.” Cybersecurity, compliance, privacy, governance, and IT departments are no exception to having this danger. The emergence of new devices and software products designed to unite employees has … Read more

From the Spring 2021 Issue

Cyber Doomsday on Wall Street

Author(s):

Christian George, Lead Engineer, Booz | Allen | Hamilton

cyber-doomsday-on-wall-street

THE BIG ONE With high-speed trades and immense quantities of exchanges, the global financial community is the most interconnected industry to have ever existed. Banks have always been a target for nefarious actors. As Willie Sutton, the infamous bank robber, reputedly replied to the question of why he robbed banks: “Because that’s where the money … Read more

From the Spring 2021 Issue

Human Security Engineering: A New Model for Addressing the “User Problem”

Author(s):

Ira Winkler, CISSP, CISO, Author, Skyline Technology Solutions

human-security-engineering

Despite best efforts, the cybersecurity professional has yet to be able to adequately handle what people refer to as “The User Problem”. A user will inevitably click on a phishing link. A user will inevitably fall prey to a social engineer. A user will click on a malicious web link. A user will accidentally email … Read more

From the Spring 2021 Issue

Addressing Skills and the Gender Gap in Cybersecurity

Author(s):

Carmen Marsh, President and CEO, United Cybersecurity Alliance

Addressing the Skills & Gender Gap in Cybersecurity

There are not enough women being properly trained to meet the demand for skilled cybersecurity professionals; therefore, not enough women filling open positions in the cybersecurity field. Even though there has been an uptick in the number of women in cybersecurity, we are still far from having the gender balance needed. Mindset diversity is extremely … Read more

From the Spring 2021 Issue

Telemedicine is Not Going Anywhere – Where’s the Security Infrastructure to Back It Up?

Author(s):

Asaf Ashkenazi, Chief Operating Officer , Verimatrix

telemedicine-is-not-going-anywhere

In the wake of 2020’s last year’s world-shaking events, traditional workflows were completely disrupted, accelerating digital transformation at a rapid pace. Telemedicine, a virtual replacement for in-person doctor visits via video or other technological methods, started gaining significant traction in recent years, reaching an all-time-high due to COVID-19. Patients have now turned to telemedicine in … Read more

From the Spring 2021 Issue

Recovering from Catastrophic Data Loss

Author(s):

Roland Airey, Senior Consultant, Kenneally Technology Services

protect-your-data

Now, almost all parts of our business life are digital! Spreadsheets, pictures, accounting files and videos are all particularly important files maintained by your company or organization. There is a possibility at some point data was stolen from you by a computer hack or perhaps files were deleted by a disgruntled employee. No matter the … Read more

From the Spring 2021 Issue

Diversity and Inclusion in Cybersecurity and Technology

Author(s):

Bob Fabien Zinga, Head of Information Security , Directly, Inc. & U.S. Navy Reserve

Diversity-and-Inclusion-in-Cybersecurity-and-Technology

The technology workforce should be as diverse as our nation. Diversity is the strength of the United States of America. The national motto, “E Pluribus Unum,” is translated “out of many, one.” In America, people are one nation out of many nationalities. When diversity is represented in hiring practices, organizations become stronger and more resilient. … Read more

From the Spring 2021 Issue

The Key is Under the Mat, and We Left the Lights On

Author(s):

Scott Smurthwaite, PhD, Information System Security Engineer , mangoLabs

the-key-is-under-the-mat

Russian Hackers On December 8, 2020, when FireEye CEO, Kevin Mandia, announced in his company blog that a highly sophisticated state-sponsored adversary stole FireEye’s ‘Red Team’ tools1, it was a harbinger for the storm we would eventually know as, The SolarWinds Hack. The following week, when FireEye announced that they had identified a global campaign … Read more

From the Spring 2021 Issue

Radio Frequency Operations and Training From a Virtually Different Point of View

Author(s):

Rick Mellendick, Chief Security Officer, Process Improvement Achievers, LLC

radio-frequency-operations-and-training

Radio Frequency (RF) security, sometimes called wireless security, is much more than just WiFi. Over the past few years, there has been rapid growth in WiFi training courses, but very few that specialize in RF defensive and operational preparation. The usable RF spectrum for data exfiltration is typically from around 10 MHz though near 12Ghz, … Read more