Topic: Engineering and Vulnerability Management

From the Winter 2018 Issue

Managing Cyber Risk for American Aviation

Author(s):

Scott Smurthwaite, PhD, Information System Security Engineer , mangoLabs

Subba Rao Pasala, System Administrator , Federal Aviation Administration

Thomas Beatty, Program Manager , Federal Aviation Administration

FAA header image

Chinese Hackers By 2010, it was clear that a persistent threat had infiltrated American public and private sector networks and was stealing sensitive data.  In January of that year, Google stopped offering its search engine in China, citing theft of proprietary code and onerous Chinese censorship.  Google also stated that it, along with more than … Read more

From the Winter 2018 Issue

Trustworthy IoT: Just Another Block in the Chain

Author(s):

Hilary MacMillan, EVP for Engineering, CyLogic

Trustworthy IOT header image

Ah, the Internet.  It’s impossible to imagine life without it.  The ability to connect and interact has fundamentally changed and continues to change society.  We can exchange information and assets around the world nearly instantaneously.  We can see and examine physical objects and environments from afar.  We can exert control and monitor actions from opposite … Read more

From the Winter 2018 Issue

Blockchain: The Good, The Bad and The Ugly

Author(s):

Kris Martel, EVP of Operations, Chief Information Security Officer, Emagine IT

blockchain header

Ask an average person if they know what blockchain is and you’ll likely get a deer-in-the-headlights look. Ask the same person if they know about Bitcoin and their eyes light up. Cryptocurrencies, like Bitcoin, are the most widely recognized technologies leveraging blockchain today. Cryptocurrency markets dominate the media and many want to invest in them … Read more

From the Fall 2017 Issue

Q&A Interview with Zane Lackey of Signal Sciences

Author(s):

Adam Firestone, Editor-in-Chief , United States Cybersecurity Magazine

Signal Sciences develops a web protection platform that provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform. To answer some pertinent questions for our readers about emerging trends in security and DevOps, United States Cybersecurity Magazine conducted a Question & Answer interview with Zane Lackey, Signal Science’s co-founder … Read more

From the Fall 2017 Issue

Your Web Applications are Under Attack: Are You Ready?

Author(s):

James Everett Lee, Chief Operating Officer, The Identity Theft Resource Center

John M. Holt, Founder & CTO, Waratek

On a day in June, the year 2017 became another year r the record books – six months early. According the non-profit Identity Theft Resource Center C), publically reported data breaches exceed ’s record pace by as much as 80 percent in sectors s Financial Services. As of September 1st, only vernment/Military category was behind … Read more

From the Fall 2017 Issue

Cybersecurity Morbidity and Mortality Conferences

Author(s):

Chris Castaldo, Senior Director of Information Security, 2U

Current cybersecurity paradigms are not adequately supporting the global information technology community. Billions of sensitive records are compromised each year, data is held for ransom and people’s lives are put at risk. Despite numerous well-publicized failures, 2017 has been a banner as measured by the volume of venture capitalist funding for cybersecurity startups . It’s … Read more

From the Fall 2017 Issue

You Build It, You Secure It

Author(s):

Barbara Bouldin, Director of Technologies Research, SJ Technologies

John Willis, Senior Director, Global Transformations Office, Red Hat

Leading to DevOps In 2006 Werner Vogels, Amazon’s CTO, said in an interview with the Association for Computing Machinery (ACM) that developers at Amazon don’t throw software over the wall. His famous quote was “You build it, you run it”. This simple phrase became a battle cry for the DevOps movement.1 In 2017, the process … Read more

From the Fall 2017 Issue

Human Machine Teaming

Author(s):

Daren Dunkel, Manager, Enterprise Sales, Amazon Web Services

There is a myriad of companies boasting about solutions incorporating Machine Learning (ML) or Artificial Intelligence (AI). Advertising resonates; the public is enamored with ML and AI. 60 minutes recently ran a feature story on AI the piece emphasized the benefits brought to humanity by AI across a broad spectrum ranging from medicine to manufacturing. … Read more

From the Summer 2017 Issue

The Human Factor: Users as Security Sensors

Author(s):

Phillip R. Hasse, President/CEO, Contextual IT Solutions

If there is any consensus within IT security, it is that the security provided is often ineffective in preventing or detecting unauthorized activity. Attackers’ agility often exceeds the defenders’ ability to adapt to changing tactics and technologies. Typically, the response is to provide faster machines and more capable software. It’s like a high-stakes chess game … Read more

From the Summer 2017 Issue

SOFTWARE DEFINED NETWORKING’S (SDN) IMPACT ON CYBERSECURITY

Author(s):

Henry J. Sienkiewicz, Faculty, Georgetown University

Our connected world has changed expectations and requirements. Only a short time ago, a mobile phone connected to an enterprise application would have been unimaginable. The network could not support it. Security would not allow it. Both have evolved. The network has dramatically increased in bandwidth while becoming much more agile. Static, fixed IP addresses … Read more