From the Fall 2018 Issue

Managing Insider Risk in the Perimeter-Less Workplace

Author(s):

Shawn M. Thompson, Founder and President, Insider Threat Management Group, LLC

Cyber-Security-Data-Protectio-234998119

The corporate workplace is rapidly changing. Traditional norms of working at a physical location are becoming obsolete and working remotely is the new norm. A recent study suggest that more than 40 percent of Americans telecommute part-time and some industries (finance, software, management) now have as much as 38 percent of their staff working remotely … Read more

From the Summer 2018 Issue

The Criticality of Context in Threat Intelligence

Author(s):

Gary R. Hayslip, Deputy Director and CISO, City of San Diego

Organizations commonly associate the purchase of the latest security technology to create a sense of protection from attacks. Unfortunately, cybersecurity is more than just hardware, software, or a new cloud service. Deploying security without context gives organizations a false sense of protection, making them less resilient and more vulnerable to the cyber incidents that they … Read more

From the Summer 2018 Issue

The Executive Case for Active Insider Threat Management

Author(s):

Dr. Rebecca Wynn, Head of Information Security, Matrix Medical Network

rwynn-header

Every company will face an insider-related security incident sooner or later, regardless of whether it will be caused by a malicious action or an honest mistake. Key Considerations for Dealing with Senior Management Where The Information Security Leader Fits Within the Organization: Without the appropriate title, support and platform, success will be difficult to attain. … Read more

Common Cybersecurity Attacks

Author(s):

Caleb Townsend, Staff Writer, United States Cybersecurity Magazine

Cybersecurity attacks, black and white, criminal typing on keyboard, cyber attack

In the cybersecurity world, vulnerability is the first step in exploitation. These exploitations often involve a hacker gaining unlawful access into a computer system and wreaking havoc. In order to stay vigilant and cyber safe, it is important to understand what the common cybersecurity attacks are. Backdoor Attacks A backdoor in a computer system is … Read more

From the Spring 2018 Issue

Dark Web Investigations

Author(s):

Paul Kubler, Cyber Security and Digital Forensics Examiner, Independent Consultant

PaulKubler-feature-image

The dark web has been sensationalized in the news, movies, and on television dramas. The dark web, and the less commonly discussed deep web, make up a part of the internet that is not accessible via search engines, like Google or Bing. This part of the internet dates to the 1990s when lists of sites … Read more

From the Spring 2018 Issue

NotPetya Holds Up a Stop Sign for FedEx

Author(s):

Barbara Bouldin, Director of Technologies Research, SJ Technologies

notpetya-feature-image

What Happened On June 27, 2017 the NotPetya malware hit the Ukraine, targeting Kyivenergo, an electric power supplier to Kiev. NotPetya went on to hit a shipping company, Maersk, a pharmaceutical company, Merck, and a delivery and distribution company, TNT Express, a subsidiary of FedEx. Employees in the TNT Express offices faced displays of a … Read more

From the Winter 2018 Issue

UNISQUATTING IDN HOMOGRAPH ATTACKS

Author(s):

Danny Gershman, Vice President, Security Operations, F9 Teams, Inc.

Unisquatting (a portmanteau for Unicode cybersquatting) or the Internationalized Domain Name (IDN) homograph attack is a fairly new type of mechanism that builds on several other types of Domain Name System (DNS) address attacks. The typosquat (Uniform Resource Locator (URL) hijacking) attack relies on being able to register a domain name very closely resembling another … Read more

From the Spring 2017 Issue

Tactical, Operational, and Strategic Cyber Attribution: What are they and what does future U.S. policy need to change.

Author(s):

Matthew C. Kurnava, MA Homeland Security/Cybersecurity,

The Growth of Cyber Attacks  Cyber-attacks are growing in frequency and sophistication. The numbers are staggering. The “AT&T Cybersecurity Insights Report” noted a 62% increase in DDoS attacks and a 458% increase in malicious actors attempting to find Internet of Things (IoT) vulnerabilities.1 Dell reported an increase in malware attacks to 8.19 billion with a … Read more