By Paul Veeneman, VP of Operations, MBA EngineeringSeptember 15, 2020 The convergence of Operations Technology (OT), Information Technology (IT), Internet of Things (IoT), and Industrial IoT has brought with it a wave of connected devices, systems and applications that present significant cybersecurity challenges. In the coming years, these changes will have an impact on the world’s critical infrastructure systems, including water and wastewater systems, electrical power utilities, telecom systems, healthcare systems, industrial environments, agriculture, manufacturing, and more. Over the past decade critical infrastructure industries have transformed the operations technology landscape, introducing a proliferation of SCADA systems, industrial controls, and digital ...

By Ken Hoyme and Judy HatchettCo-Chairs, Oct. 26 Healthcare and Med Device SeminarSeptember 14, 2020 There are several fundamental characteristics of medical devices that make them a unique challenge for security practitioners. One is the long lifecycle that these systems typically have – sometimes as long as 10 or 15 years. Imagine if you were still using a laptop you purchased in 2005; it might feature a floppy drive, a CR-ROM drive, a VGA output, blazingly fast USB 1.1 ports, and of course an outdated operating system. The second is that medical devices need to be tested by the manufacturer ...

By Sean S. CostiganAugust 17, 2020 If you are a local government election official, a vendor of electronic voting machines, an intelligence analyst, a cybersecurity expert working for a social media company, someone holding high office, or simply a voter, you are invested in election security. You may even hold strong, expert opinions on aspects of the issue. However, as a multivariate global challenge, each investment people make may not be commensurate with present-day risks nor result in the desired outcomes. Consider electronic voting: when asked about e-voting, transparency and verifiability are topmost in the minds of many. While those ...

By Mark RitchieJuly 23, 2020 Last year I was sworn in as Civilian Aide to the Secretary of the Army, pledging to “support and defend the Constitution of the United States against all enemies, foreign and domestic.” During that solemn moment of the swearing in ceremony I thought about my former role as the State of Minnesota’s Chief Election Officer, and what I had learned during that time about “foreign and domestic” threats with regards to protecting our elections. Very early in my very first term of office, having won my election in the fall of 2006, our office faced ...

By Anne C. Bader, Founder, The International Cybersecurity Dialogue August 17, 2020 A few years ago, I met Eileen Manning, producer of the annual Cyber Security Summit (CSS) in Minneapolis, while attending a security event in Washington D.C. I was there as Founder of The International Cybersecurity Dialogue (ICD), whose mission is to promote dialogue and a working relationship between technologists and policymakers. Eileen emanated a “je ne sais quoi” of positive energy and authenticity, and I quickly learned that we shared a firm belief in the power of networks and continuous dialogue to accomplish the seemingly insurmountable task of ...

By Brett Hebert on August 5, 2020 Posted in FTC, Privacy Policy Thank you, reader, for taking time out of your day to read this blog post. I trust before clicking on this link you first sought out our website’s Privacy Policy and reviewed it in full, took mental notes while silently nodding throughout, and finished with an audible “I agree” before moving on to review this content. Correct? Very likely you did not, but take solace in knowing you are in good company. Only 22% of Americans report “often” or “always” reading online privacy policies, and that’s solely for websites which ...

By Betty Elliott, Partner and Chief Information Security Officer, MercerJuly 14, 2020 In this time of change and uncertainty, it’s very important to stay connected to your teams. My team and I already were a remote team before the pandemic but I still felt it was necessary to take extra steps to ensure the safety and well-being of the team. We are all located in different regions of the country and have different personal experiences. Zoom was already a part of our interactions and we were all comfortable with video meetings and working from home. At the onset of the ...

By Loren Dealy Mahler, President, Dealy Mahler StrategiesJuly 13, 2020 When we measure individual success in the cybersecurity industry, we most often look towards metrics that can best be described as “on paper” achievements. We evaluate whether someone has the requisite security certificates, a sufficiently lengthy resume to prove years of practice and time spent developing specific technical expertise, and a number of tours with companies whose names and reputations are familiar across the industry. If someone can achieve a relatively high score across these quantifiable areas, they are by and large considered successful. Bonus points are given for those ...

By Tina Meeker, Sr. Director of Information Security, Sleep Number; Vice President - Minnesota WiCyS AffiliateJuly 13, 2020 As an industry, we are all acutely aware of how important it is to identify, foster and promote new and existing talent (from ALL backgrounds) in the ever-evolving cybersecurity field. Our industry is much too monolithic today which results in open unfilled roles, lack of creative solutions to fighting hackers and threats, and inability to make meaningful strides in connecting with diverse workforces to advance security culture within organizations. According to Cybersecurity Ventures, at the end of 2019, it was estimated that ...