spotlight

Artificial Intelligence / Machine Learning (AI/ML) are hot topics these days when it comes to politics, technology, and personal living. There is much discussion around the ethics, the threats, and the benefits of AI/ML in each of these circles. It comprises the newest arms race with our adversaries, and just about every industry is putting […]

I was delighted to see the recent appointment of Kelly Schulz as CEO for the Maryland Tech Council. Ms. Schulz has played a prominent role in Maryland politics for many years, most recently as a candidate for Governor. Prior to her run for Governor, she led workforce and innovation initiatives as a cabinet member at […]

For several years I have been honored to be a guest at the annual Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective organized at the University of Maryland by Larry Gordon, EY Alumni Professor of Managerial Accounting and Information Assurance; Martin Loeb, professor of accounting and information assurance and a Deloitte & […]

Assuring the secure adoption of a new technology, assessing your software supply chain for risks, hunting for vulnerabilities in your infrastructure are all complex and challenging tasks – but ones that are critical to securing your business or government agency. Having specialized, automated tools that are seamlessly integrated using standard methods and interfaces can significantly […]

Agile risk assessment at industrial scale Operational technology (OT) systems now connect operations and maintenance equipment to information technology (IT) infrastructures. Doing so enables increased automation and real-time, data-driven decision making. Increased connectivity also amplifies risk, exposing critical infrastructure systems—and entire operations—to new opportunities for cyber attack. Traditionally, assessing system risk has been a manual […]

Early this past summer 2021 a friend of mine was asking me about Executive Order 14028 on Improving the Nation’s Cybersecurity and I had to admit that I had largely ignored it. Frankly, I have experienced many similar bureaucratic moves in the past when it comes to cybersecurity and none seemed to have the impact that was […]

People make decisions every day that involve risk and uncertainty. Generally, we reconcile a variety of decision models using risk criteria often provided by organizational policies and/or guided by a variety of personal belief and trust systems. Many times we are forced to address ambiguous situations in uncertain ways, using uncertain terms and with uncertainty […]

Current Security Trends Reveal Difficulties in Assuring Authenticity Recently I was thinking about some of the major security challenges and problems of 2020 and going forward into 2021 like the ongoing SolarWinds supply chain mitigation issues; election fraud; the problems around disinformation and deepfakes; false flags in cyberattacks and the difficulties in making accurate attribution; […]