From the Summer 2017 Issue

Security for College Freshmen

Author(s):

Christopher Cerne, , Focal Point Technologies

INTRODUCTION  Graduating high school and attending college is a huge step for many students that grants new independence. Before starting the fall semester, many have already been briefed about the don’ts of living on campus: don’t do drugs, don’t fail classes and don’t do anything stupid. Unfortunately, there’s an important topic that’s often neglected: Internet … Read more

From the Summer 2017 Issue

Passport to the Future: A Secondary School Cyber Education Case Study

Author(s):

Owen Haiber, Student,

Steve Morrill, CIO & Director of Cyber Science, Loyola Blakefield

Developing and maintaining a cyber-capable workforce is a significant challenge for the United States. Currently, a significant gap exists between the demand for skilled cybersecurity professionals and the number of such people being produced by American talent pipelines. The cybersecurity job market, according to a joint report by Frost & Sullivan and (ISC)2, will see … Read more

From the Summer 2017 Issue

Developing Cybersecurity Leadership – From Art to SCIENCE

Author(s):

Sallie Sweeney, CISSP-ISSMP, PMP, CISM, Principal Cyber Solutions Architect, General Dynamics Information Technology

Finding cyber leaders who have the right amount of technical depth, strength of character, dedication to the mission, and loyalty to the team is like finding a needle in a haystack. Traditional leadership development curricula and frameworks need to address this gap to prepare our future cyber leaders. Cybersecurity teams are often managed by someone … Read more

From the Summer 2017 Issue

Is There A Cybersecurity Labor Shortage or Vision Deficit?

Author(s):

Gary Merry, CEO, Deep Run Security Services, LLC

To understand the status of cybersecurity today, think of it as a young mountain that has formed atop the tectonics of business and technology. The mountain has grown explosively, pushed by the upwelling of industry needs; as the peak elevates, instead of a broader and more secure plateau, it provides less foundation as it loses … Read more

From the Summer 2017 Issue

A Case for Collaboration

Author(s):

Chris Castaldo, Senior Director of Information Security, 2U

In my many years of working in cybersecurity, I’ve found the only thing that can truly secure an organization is collaboration. The most important part of “people, process, technology” is the people. No one in their right mind would tell you it’s possible to prevent 100% of breaches — but, through powerful internal and external … Read more

From the Summer 2017 Issue

Penetration Testing Helps Federal Agencies Explore the Art of the Possible

Author(s):

George Berkheimer, Staff Reporter, United States Cybersecurity Magazine

In two separate cybersecurity attacks in recent years, hackers using stolen third-party vendor credentials managed to harvest debit and credit card information from 160 million combined Home Depot and Target customers. The retailers took a major hit to their reputations, not to mention their bottom lines: $300 million and counting for settlements, legal fees, customer … Read more

From the Summer 2017 Issue

The Human Factor: Users as Security Sensors

Author(s):

Phillip R. Hasse, President/CEO, Contextual IT Solutions

If there is any consensus within IT security, it is that the security provided is often ineffective in preventing or detecting unauthorized activity. Attackers’ agility often exceeds the defenders’ ability to adapt to changing tactics and technologies. Typically, the response is to provide faster machines and more capable software. It’s like a high-stakes chess game … Read more

From the Summer 2017 Issue

SOFTWARE DEFINED NETWORKING’S (SDN) IMPACT ON CYBERSECURITY

Author(s):

Henry J. Sienkiewicz, Author,

Our connected world has changed expectations and requirements. Only a short time ago, a mobile phone connected to an enterprise application would have been unimaginable. The network could not support it. Security would not allow it. Both have evolved. The network has dramatically increased in bandwidth while becoming much more agile. Static, fixed IP addresses … Read more

From the Summer 2017 Issue

Web Application Security: Integration or Extinction

Author(s):

Helen Korobko, Vice President of Technology Solutions, Svitla Systems

Web applications have become a primary vulnerability for modern business  Today, almost every enterprise produces, leverages, transacts business or depends upon web or Cloud enabled software. As a result, web applications have become the number one target for malicious attacks. According to Gartner, 80% of attacks target web applications.1 Often, these attacks exploited easily mitigated … Read more