From the Summer 2016 Issue

Danger within the Walls

Author(s):

Robert Lord, Co-Founder, Protenus, Inc.

Healthcare suffers more breaches than any other field, with 90 percent of organizations having suffered at least one data breach in the past two years,1 and nearly half, or 45 percent, having more than five data breaches in the same period.2 Despite experiencing its worst year in history, with over 111 million records breached in … Read more

From the Summer 2016 Issue

Identity and Access Management: The Quiet Disruption in Security Engineering

Author(s):

Adam Firestone, Editor-in-Chief , United States Cybersecurity Magazine

We are on the cusp of a revolution in information security engineering. Even a cursory glance at the security technoscape shows a shift away from perimeter-based defenses and their electronic ramparts, bastions, and moats, toward mechanisms that automatically regulate access to data resources and processing functionality in real time. This is consistent with and reflective … Read more

From the Spring 2016 Issue

Can Employee Behavior Indicate an Insider Threat?

Author(s):

-Larry Letow, President, U.S. Region, CyberCX

Jim Mazotas, Founder, OnGuard Systems LLC

While technology can play an important role in identifying an insider threat, it is equally important not to overlook behavioral patterns. Malicious employees often provide warning signs as they move from the idea of acting ‘not in accordance with established policies’ to outright data theft. These signs often take the form of changes in attitude … Read more

From the Spring 2016 Issue

The Nomad Project: Targeting Security and Availability Issues in the Cloud

Author(s):

Henry Au, Electrical Engineer, SPAWAR Systems Center Pacific

Mamadou Diallo, Computer Scientist, SPAWAR Systems Center Pacific

Megan Kline, Mathematician, SPAWAR Systems Center Pacific

Michael August, Cloud and Mobility Engineer, SPAWAR Systems Center Pacific

Patric Petrie, Lead Staff Writer, SPAWAR Systems Center Pacific

Roger Hallman, Mathematician, SPAWAR Systems Center Pacific

Organizations with sensitive data cannot take advantage of cloud computing because of security and availability concerns.  Cloud computing uses the Internet to manage, store, and process data remotely, instead of locally.  The three deployment models of cloud computing, infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS), offer … Read more

From the Spring 2016 Issue

The Roots of the IoT Forest

Author(s):

Lauren Edwards, Director of Marketing, Sysorex

The IoT is often viewed as a hurricane of attention-hungry little pieces of technology strewn about and constantly chatting.  The Internet of Things (IoT) is on track to land a spot on 2016’s “Buzzwords to Avoid” list, but this is a misunderstanding. The Internet of Things isn’t just about connected toasters or watches, and to … Read more

From the Spring 2016 Issue

Automating Cybersecurity Using Software-Defined Networking

Author(s):

Chris Christou, , Booz | Allen | Hamilton

Michael Lundberg, , Booz | Allen | Hamilton

A key enabler of these malicious attacks is system and network misconfiguration, which remains a major cause of information technology (IT) infrastructure vulnerabilities.  Large-scale cyber-attacks continue to make headlines around the world. While data breaches can have catastrophic and costly consequences, hackers can also cause havoc by interrupting organization operations through distributed denial-of-service (DDoS) attacks. … Read more