The 2016 presidential election witnessed unprecedented Russian cyberattacks and disinformation campaigns designed to disrupt the U.S. electoral system by influencing public opinion. The Russian goal is intended to destabilize the U.S.  through ideological activism, advancing their interest and further their political agenda. Their methods compromised computer systems of candidates and political ..read more

The Enterprise Information Security Architect is a crucial position within IT security and is often challenging and stressful. The job forms the “glue” that bridges the technological aspects of security and business drivers. The architect must have a solid understanding of the business architecture to design the best security systems possible that not only do not impede the business but ..read more

In the era of social media, cybercriminals and state actors use these networks to monitor various social events such as protests, elections, and natural disasters.  These bad actors commonly employ crowdsourcing techniques to obtain critical intelligence into ongoing cyber attacks. It is one of their primary real-time monitoring dashboards to gauge the effectiveness of their attacks such as ..read more

In today’s world, countless organizations fall victim to data breaches that involve employee data. In 2014, I was engaged to lead the remediation efforts of a data breach for a Pennsylvania-based client.  Hackers gained access to the company’s employee payroll information containing the salaries, social security numbers and other Personal Identifying Information (PII) through an insecure email ..read more

Every organization must have an incidence response (IR) plan that will handle preparation, identifying the start of an incident, recovering from it, restoring normal operations and support sound security policies. With any cybersecurity incident, security teams will face uncertainties and chaotic activities. In such a high-pressure environment the risk of not following proper incidence ..read more

In today’s security defenses, many organizations are adopting artificial intelligence (AI) and machine learning (ML) technologies to thwart cyberattacks.  Without these innovative technologies managing distributed and complex infrastructures require a high amount of human capital and intervention. Sophisticated cybercriminal organizations including state-sponsored actors as a whole are ..read more

The United States is continuously under relentless attack by state and non-state actors in cyberspace. Many believe the U.S. is losing the Cyber War with the staggering number of breaches year after year escalating to new heights. For example, in 2015 Chinese hackers gained administrator privileges, enabling them to acquire full access to the computers of the U.S. Office of Personnel ..read more

In the world of cybercrimes, the majority of cybercriminals always seek financial gain, but this is not the primary motivation. Aside from the advanced sophistication of state-sponsored incidences, the young cybercriminal venturing into the dark side boils down to their ego. Adolescent criminals seek out recognition among their peers eager for a sense of success in an effort to prove ..read more

In today’s world, the urgency to rapidly develop software results in the use of open source code. Attackers are well-aware this urgency results in poor coding practices such as inadequate version control documentation and what open source code they use. They continually monitor repositories such as Github, SourceForge, and many others to identify who has contributed code and had problems with ..read more

With the ever-escalating cyberthreats, newer versions of encryption protocols have been developed to address vulnerabilities and support stronger, more secure ciphers and algorithms. The Background The Transport Layer Security (TLS) protocol was developed as a successor to the Secure Sockets Layer (SSL).  SSL and TLS are mostly the same cryptographic protocols running at the application ..read more