Topic: Cybersecurity & The Threat Landscape

From the Fall 2025 Issue

States, Stakes and Your Stack

Author(s):

Chris Pogue, Director, Digital Forensics and Incident Response, CyberCX

Geopolitics isn’t background noise anymore; it’s in your threat model.  State-backed operators target the same clouds, identity systems, and vendors you rely on every day.  As Assistant Director of FBI Cyber Brett Leatherman put it: “Who among you can stand up to the PLA?  I hope you don’t think you can … because you can’t.” … Read more

From the Fall 2025 Issue

AI and Robotics Are Reshaping Security — But Humans Still Hold the Line

Author(s):

Scott R. Gane, CPP, President and Chief Security Officer (CSO), Huffmaster

We have passed the point of novelty; we’re beyond speculation, and we’re now squarely in a world where AI, most commonly in robots, as well as cameras and access control are an integral and necessary component of security infrastructure. In a time when sophisticated AI-driven threats are challenging traditional security, the human security officer needs … Read more

From the Fall 2025 Issue

Rhizomatic Threats in Practice: Applied Cybersecurity Modeling for Emergent Threat Landscapes

Author(s):

Henry J. Sienkiewicz, Faculty, Former CIO, DISA, Georgetown and George Washington Universities

Introduction The rise of decentralized digital infrastructures and flexible adversary ecosystems has destabilized traditional cybersecurity assumptions. Threat actors today often operate not within rigid hierarchies but through fluid, self-organizing networks resembling rhizomes—a concept introduced by philosophers Gilles Deleuze and Félix Guattari (1987).[1] A rhizome, as described in A Thousand Plateaus, is a non-hierarchical, horizontally propagating … Read more

From the Fall 2025 Issue

It’s Not If or How, But When You Will Be Subject to a Cyber Attack

Author(s):

Jacqui Magnes, CEO and Owner, COMSO, Inc. dba CISPOINT

CISPOINT

Gone Are the Days of Having a Lone ‘IT Guy’ Understanding the Inevitable The rapid evolution of cyber threats means that every organization, from multinational corporations to small nonprofits, is in the crosshairs. Cybercrime costs are projected to reach $10.5 trillion annually by 2025, according to Cybersecurity Ventures. Attackers are armed with automated tools that … Read more

From the Spring 2025 Issue

The More Things Stay the Same: The Resurgence of Classic Cyberattack Vectors

Author(s):

Chris Pogue, Director, Digital Forensics and Incident Response, CyberCX

Cyber Attack Vectors

In the ever-evolving landscape of cybersecurity, it’s easy to become fixated on emerging threats, often overlooking legacy vulnerabilities that persist within our systems.  Recent trends indicate a notable resurgence of classic attack vectors, such as SQL injections, buffer overflows, and web shells—techniques that many assumed had been relegated to the annals of cyber history. This … Read more

From the Spring 2024 Issue

Shielding Projects: Cybersecurity Strategies for PMOs

Author(s):

Rahul Yadav, Founder & CEO, Feasti

In this digital era, organizations face cyber threats with severe consequences. These threats are primarily due to remote working, the usage of unsecured devices or the use of outdated antivirus software. An effective cybersecurity strategy involves risk assessment for effective resource allocation. Moreover, security systems such as encryptions and firewall software stop unauthorized access. Project … Read more

From the Winter 2024 Issue

Exploring the Dark Web: Understanding its Role in Cybersecurity Threats

Author(s):

Justin Petitt, Strategic Capture Manager, Markon Solutions

Exploring the Dark Web

What in the Dark Web is happening here? “What in the Dark Web is happening here?” was the first thing said to me over a recent holiday trip, with a friend walking in and seeing me checking in on work and life with three separate laptops set up in front of me, my attention and … Read more

From the Summer 2023 Issue

Defense In Depth and DMZ WEB Server Deployment

Author(s):

Syed Taha Ahmed Jafri, Information Security Specialist,

Defense In Depth and DMZ

Introduction This article will discuss Defense in Depth (DID) in detail and minimum steps to securely deploy a Web server in DMZ for a FinTech 3-tier application. 3-TIER ARCHITECTURE In software engineering the methodology of 3-tier architecture is used to divide an application into logical boundaries. These boundaries are logical and their main benefit is … Read more

From the Spring 2023 Issue

The Double-Edged Sword of Cyber Threats in Latin America

Author(s):

Kate Esprit, Cyber Threat Intelligence Analyst, MITRE

Cyber Threats in Latin America

Ask any cyber intelligence analyst about today’s major threats, and they will likely launch into a discussion about hacking groups in China, Iran, North Korea, or Russia. Indeed, state-sponsored threat actors in these countries are highly sophisticated and have wreaked havoc on global network infrastructure. However, the cybersecurity industry continues to overlook other areas of … Read more

From the Winter 2023 Issue

The New Threat Surface: Employee-Targeted Digital Risks

Author(s):

Amir Tarighat, Co-Founder and CEO, Agency

The New Threat Surface

In the last decade, the enterprise cybersecurity ecosystem has rapidly grown to address new threats. Overall, it has become highly effective. Businesses have benefited from a veritable army of professionals and cutting-edge technology to secure their systems, forcing bad actors to evolve their strategies. As corporate devices and networks are increasingly well-hardened, cybercriminals have begun … Read more