Spotlight

Active Cyber Crosswalks EO 14028

Active Cyber Crosswalks EO 14028

In my last article on the EO 14028 I mentioned that I thought there were several parallels between what the EO was calling out and some of the concepts and...

Active Cyber Reviews Executive Order 14028 – Improving the Nation’s Cybersecurity

Early this past summer 2021 a friend of mine was asking me about¬†Executive Order 14028 on Improving the Nation’s Cybersecurity¬†and I had to admit that I had largely ignored it....

What Roles Do Provenance and Reputation Play in “Authentic-By-Design” Approaches to Digital Content?

People make decisions every day that involve risk and uncertainty. Generally, we reconcile a variety of decision models using risk criteria often provided by organizational policies and/or guided by a...

Authenticity-by-Design: Ensuring the Authenticity of Content and Identity

Current Security Trends Reveal Difficulties in Assuring Authenticity Recently I was thinking about some of the major security challenges and problems of 2020 and going forward into 2021 like the...

Active Cyber Surveys the Standards Landscape for OT and IoT Systems Security

A Plethora of Standards and Guidance for OT / IoT Security In my research into OT and IoT systems security, I have come across a plethora of guidance and standards...

Measuring the Cyber Resiliency of OT and IT Systems

Recently, I was talking with my daughter, the engineer, about testing. She is the lead engineer for payload integration and test for a large NASA space telescope. Our discussion got...

Active Cyber Interviews NIST Scientists on the Next Generation Access Control Standard

Many years ago I was hosting a series of workshops on a variety of security topics. One of those topics dealt with role-based, attribute-based, and policy-based access control approaches and...

JHUAPL Brings SOAR Technology to Universities As Part of Educational Outreach and Adoption Strategy

Adopting a new technology can be fun but also challenging, especially if the technology is new to the market and there isn’t a lot of veteran users around who can...

Acquired Data Solutions Offers Help to Businesses to Meet New Federal and DoD Cyber Compliance Standards

Securing operational technology and IoT has just received a new compliance push as the DoD is targeting small businesses in its mandate for Cybersecurity Maturity Model Certification. Katie Arrington, special...