Author Archives: Scott

Data Exfiltration in Five Easy Pieces

While some cyber security attacks focus on destruction and damage to reputation, more common in this decade has been the widespread and rampant theft of data, creating challenges in maintaining appropriate levels of secrecy and data protection. To complete the theft once the data has been compromised, a successful attack will need to exfiltrate the data to the attacker for further exploitation. Here are the 5 scenarios of data exfiltration.


Cyber security Advanced Education: Preparing the Emerging Workforce

While there has been much written on the perils of the current talent gap, not nearly as much focus has been spent on the skills gap.  Nearly 1 in 4 candidates are not qualified for the positions they seek in cyber security, and the higher education systems as well as in-house development practices are often obsolete or at least ineffective.  Basic writing and persuasive communications are severely lacking, imperative cognitive thinking skills can be nonexistent, and scripting tends to be rudimentary at best.  Midway through my own master's degree journey, I have a unique perspective as both a hiring manager and a student as to how to begin addressing this growing issue.


Bounty for Bugs: Engaging Gray Hats in Cybercrime Prevention

Our culture has become increasingly dependent on software for automation, productivity, and quality of life; the interconnectivity of nearly everything, market-labeled “the Internet of Things,” has only increased this dependency.  The software that delivers these services exists on a wide variety of platforms, from traditional computers to handhelds to game machines and even appliances such as alarm clocks.  Application developers are driven to deliver increasingly complex, innovative features and functionality faster.  Today, system and software vulnerabilities are being revealed and exploited in those applications at a disastrous pace, and the need to identify application layer vulnerabilities before the malicious user community does has become increasingly dire.  Bug bounty programs are a crowd-sourced collective with a large and potentially well-motivated force; they can be difficult to run and can potentially empower the very bad actors they mean to prevent. There is no substitute for strong security by design and robust testing through a Systems Development Life Cycle (SDLC); together, these programs are essential to a safe Internet: they offer more cyber security benefits than traditional testing, are more effective at uncovering security flaws quickly, and are generally less expensive.


Assessments and Audits – What’s the difference?

The difference between an audit and an assessment essentially is the objective of each.  An assessment analyzes the potential for things to happen in the future, while an audit reacts to how things were done in the past.  One is no more or less important than the other, and people react to them very differently.

In an audit, there is a specific process or control “standard,” and an explanation of how activity should be performed to prove effective, essentially validating things are being done as they should be done. The primary objectives are to check whether described processes effectively conform to the stated standards, and whether the operators are following the described processes accurately.

In an assessment, there is no “standard”; it identifies the current reality without the constraints of pre-defined problems. It accounts for emerging risks and reveals new insight.  The primary objective is to provide direction for improvement efforts towards the goal of an ideal state within an organization’s risk tolerance.
