Greetings, Welcome to the Spring 2022 issue of the United States Cybersecurity Magazine! As always, we’d like to take a moment to thank our supporters, members, sponsors, contributors and everyone else who makes the magazine possible. All of us here at the United States Cybersecurity Magazine remain committed to bringing you, our readers, the … Read more
Hello, Let’s be honest. All of us in the cybersecurity community think of ourselves, more or less (and more often more than less) as technocrats. We’re masters of that sterile domain in the ether where everything boils down to sterile ones and zeros (or qubits). We speak in tongues, our conversations a tent-revival glossolalia made … Read more
“Victory awaits him who has everything in order. Defeat is certain for him who has neglected to take all the necessary precautions in time.” Roald Amundsen, on the South Pole. Uncertainty, chaos, and luck – why some thrive despite them all. In the book Great by Choice, Jim Collins and Morten Hansen distill a decade’s … Read more
All too often, (cyber) security is seen as an impediment to the organizational mission. Industry is rampant with examples of boardrooms and decision-makers waylaying and marginalizing the security professional and their team(s). What is needed is a way to turn this narrative around – akin to brakes on a motor vehicle. Most people do not … Read more
When we traditionally discuss the term “cybersecurity”, we think in terms of protecting computer systems and the data that resides in them. We rarely think of protecting the people who manage this technology and its associated data. Coming from the intelligence world, it was taught to assume that the weakest link in any system or … Read more
TBONE, Tesla, and Technological Threats In October 2016, U.S.-based vehicle manufacturer Tesla received some surprising news – two German security researchers had found a way to hack the company’s cars using a drone. The researchers, Ralf-Philipp Weinmann and Benedikt Schmotzle had hacked into Tesla’s systems by exploiting several zero-click vulnerabilities in the ConnMan software, an … Read more
The way in which work is performed has changed dramatically over the last 20 years. Digital transformation, coupled with the transition to remote work, has only accelerated over the last several years with the backdrop of Covid. Organizations today, large and small, have the herculean mandate of securing their biggest liability — remote workers and … Read more
Third-party onboarding today isn’t easy and with the rise in supply chain attacks, the importance of auditing and ensuring your third parties won’t impact your infrastructure from a security perspective remains a burning issue. Many companies still maintain a tick box approach when onboarding or managing third parties and mainly consist of sending out questionnaires … Read more
It is no secret that a well-defined, tested and implemented cybersecurity program is an essential function for the stability of business operations; however, there are many variables to consider. Rapid advances in technology have changed the dynamics of informed decision-making with the best option often being to introduce a newer technology into the market, rather … Read more
Our reactive, defensive approach to IT security isn’t working − proactive de-risking is the way forward. “Disconcertingly routine.” That’s how an article in a national news publication summed up the current cyber-attack landscape after the recent discovery that Chinese hackers had breached several governments and universities around the world in a years-long campaign to steal … Read more
