I recently attended the Fifteenth Annual Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective at the University of Maryland. The forum was hosted by Professors Lawrence A. Gordon, Martin P. Loeb, and William Lucyshyn. You may remember the interview I did with Professor Gordon a while back on his collaboration with Professor […]

I remember reading a novel several years ago by Tom Clancy that featured virtual reality (VR) as part of the plot’s security operations center capabilities. I remember thinking how this will never happen in my lifetime and how Clancy was getting way ahead of himself. Then, recently I was able to attend a conference about […]

Finding the right security solution is often a difficult task, with many complex trade-offs to consider. Building a secure system is even more challenging as history has shown. Designing and building systems that are “tolerant of adversarial cyber actions,” as expressed by our interviewee below, seems a herculean task. So I was quite interested to learn […]

One of the issues I have with standards is that they often take on a life of their own – different from what their authors intended – and, eventually become stale checklists that rob energy and innovation from operations and products. So it is refreshing to see how the National Institute of Standards and Technology […]

There are many “free” cybersecurity tools out there but it seems like there are just a handful that actually are having a positive effect on the global security issues of today. To offer two of these impacting tools like Global Cyber Alliance (GCA) is truly noteworthy, and they have the stats to prove their effectiveness. […]

As a former SOC Director, I was always looking for ways to increase the skill levels of my team or get them the education needed for certification while on a strict (i.e., practically no) training budget. Little did I know how easy it could have been if I had met Ralph Sita just a few […]

ICS, SCADA, OT, PIT and even IoT are all acronyms that define a class of systems which manage the flows of data between sensors, actuators and control systems. Over the past decade, the interconnection of these systems with Information Technology (IT) systems and the Internet has been occurring at an ever-increasing pace, creating significant concern […]

A year ago my engineer daughter sent me a podcast by RadioLab that described a potentially scary future created by advanced video and voice manipulation technology that would allow anyone to recreate or initiate recordings of fake events that appeared very realistic – essentially putting a fake news weapon of high counterfeit quality into the […]

My recent experience as a SOC director for a large enterprise has definitely upped my awareness of the need for a test and training environment where you can evaluate the impacts of changes to your SOC environment while also beginning to better understand the mission impacts of cyber attacks or the flow of different orchestrations. […]