From the Fall 2021 Issue

Breach and Attack Simulation: The Newest Way to Test Your Defenses

Author(s):

Paul Kubler, Head of Red Team Operations, CYBRI

Breach and Attack Simulation

Breach and Attack Simulation (BAS) is a new component of a proactive cybersecurity program. The simulation is designed to continuously assess your security controls based on configuration, scanning, and testing leveraging more automation than a traditional pentest. BAS, as it is known, is designed to enhance a regular vulnerability scanning program and consolidate the view … Read more

From the Fall 2021 Issue

Synthetic Identity Fraud (SIF): Combating the Phantom Menace

Author(s):

Dr. Rebecca Wynn, Global CISO & Chief Privacy Officer ,

Synthetic Identity Fraud

The article will explain what Synthetic Identity Fraud (SIF) is; why you should care; and what to do to protect yourself/child/business. It is a high-level overview meant to be informative and educational. By the end of the reading, you will hopefully agree with this premise and these definitions. Half-Artificial and Half-Human: A Synthetic Identity (SID); … Read more

From the Fall 2021 Issue

Penetration Testing: Why Leaks Need to Be Sealed

Author(s):

Michael Lassiter Jr., President, Strong Exploits, LLC

Penetration Testing_ Why Leaks Must Be Seales

Penetration testing is arguably one of the most necessary operations within cybersecurity and its importance is becoming more relevant to C-level executives. It is estimated that almost 70% of business leaders believe that their cybersecurity risks are increasing; therefore, there is a great need for continuous reduction of these risks. As threats continue to evolve … Read more

Secure Your Organization from the Rising Wave of Device-related Cybersecurity Attacks

Author(s):

Sathya R, Product Specialist, ManageEngine

Device-related Attack - Role-based Access Control

In any given organization, chances are, a diverse array of peripheral devices are in use.  These can include ubiquitous equipment such as keyboard and mouse combos, tools utilized for convenience such as USB flash drives as well as niche equipment for the completion of specialized tasks. However, as the scope and popularity of these devices … Read more

From the Summer 2021 Issue

How Do We Take the Sting Out of Being Stung?

Author(s):

-Larry Letow, President, U.S. Region, CyberCX

Justin Petitt, Director of Cybersecurity, Systems Engineering Solutions Corporation

how-do-we-take-the-sting-out-of-being-stung

With cyber-attacks and ransomware making the mainstream news, and consequences rippling out far past single layers of users or customers, how can we collectively take the sting out of getting stung by a common cyber-heist?  Attacks against networks, data stores, and business processes are not new by any means. Indeed, without getting too deep into … Read more

From the Winter 2021 Issue

Security-In-Motion, Complacency at Rest

Author(s):

-Larry Letow, President, U.S. Region, CyberCX

Justin Petitt, Director of Cybersecurity, Systems Engineering Solutions Corporation

Security-in-motion

2020 introduced a slew of new conversation topics for most people, few more so than among IT security professionals. While there are new technical challenges to consider for most in the business world, we cyber-minded folks find ourselves continuing to address the age-old question in data security – how can we provide more of EVERYTHING … Read more

From the Fall 2015 Issue

Getting Compliance and Security Right: The Importance of an Integrated, Effective, and Efficient Plan

Author(s):

Celia David, Director, Energy Practice, Navigant

Kenneth Lotterhos, Managing Director, Energy Practice, Navigant

Matthew M. Blizard, Director, Energy Practice, Navigant

The Challenges of the Bulk Electric System  Protecting the nation’s interstate power grid has never been more challenging or more important. Cyber and physical attacks are on the rise and digital equipment is proliferating on the grid, simultaneously enhancing reliability through automation and increasing the potential for vulnerability from cyber intrusions. Reversing the digital trend … Read more

From the Fall 2015 Issue

PLANNING AND EXECUTING AN EFFECTIVE DATA BREACH EXERCISE

Author(s):

Anthony M. Chapa, Assistant Director and Chief Technology Officer, retired, United States Secret Service

Eric L. Qualkenbush, Director, Office of Central Cover; Director, Training and Education, retired, Central Intelligence Agency

T. Casey Fleming, Chairman and CEO, BLACKOPS Partners Corporation

Why Regular Data Breach Exercises Are Required  Data breaches continue to trend up exponentially for all U.S. companies, government agencies, universities, and research facilities. Today, even our smartphones, public Wi-Fi, and homes are consistently being hacked for access to sensitive data. Nation states and privateer hackers have grown dramatically in numbers and capability over the … Read more