The 8 Key Elements of an Effective Cybersecurity Policy Document
Standard Categories for Your Cyber Policy Artifact (I have been getting a lot of requests for help in this area...I...
Year: 2019
TOP 5: Cybersecurity Framework Articles/Reviews
Some modern approaches to operational and support cyber constructs Alvarenga, A., & Tanev, G. (2017). A cybersecurity risk assessment framework...
EXCLUSIVE: A 2017 DOD STIG Analysis
So, your contractor says they are "experts" in cybersecurity...are you sure? THE REAL PROBLEM: Program Managers, Contract Officer Representatives, etc.,...
Cyber-Ethics and Technology in the Age of Predictive Analysis
Where do we draw the line between privacy and security? This is becoming more and more relevant with advances in...
GUIDE: The Threat Hunt Response Engagement & Action Team (THREAT)
The “Optimal” THREAT Task Organization The most common question at this point of anyone looking at the Threat Hunt concept...
TOP 7: “Cyber-Analytics” Journal Articles (2019)
It's time we measure how well we are really doing with Cybersecurity using Data Science "Cyber-Analytics: The application of data...
A DOD Hybrid-Risk Management Framework (RMF) Step 3
Getting System Developers to get Cyber Right Early...we hope A challenge facing the Department of Defense (DOD) is the allocation...
PATHWAY: Supply Chain Risk Management (SCRM) 1.0 Framework
A Cybersecurity "Strawman" Offering Supply chain risks include the insertion of counterfeits, unauthorized production, tampering, theft, insertion of malicious software...
CHINA-FILE: The History of Cyber-SCRM
Huawei...Again.... The history of Cybersecurity-Supply Chain Risk Management (Cy-SCRM) can be traced to the year 2012. Shortly after the Chinese...
DOD’s Role in Responding to Malicious Cyber Activity
Q: When is self-defense defensive? A: Never Whether in the physical/kinetic or virtual/cyber world self-defense is never truly defensive. There...
Traditional Military Action (TMA) versus Covert Action
Should the US ever self-attribute publicly? Does the nature of cyberspace make a difference in whether an activity is characterized...
CYBERLAW: Who owns what “information” on the Internet?
A VERY Quick Analysis of Judge Frank Easterbrook, US Court of Appeals, 7th District's Opinion on Internet IP Information on...
SUGGESTED READING: “Neural Networks”
For the budding Data Scientist, Engineer or Manager The following is part of a series on academic resources of interest...
Q: What are we MISSING in the SCRM Discussion?
A: More than 50% There are many historical examples how we as humans have missed the mark. It was not...
SPOT: Security Audit Rules of Engagement (ROE)
Take Control before you are taken control of.... The lead auditor will establish evaluation criteria for the assessment of the...
So, you’re now a Security Control Assessor (SCA)
Elements of Good Audit Practices There are several activities that will help the security auditor prepare for a formal assessment. ...
DOD Cybersecurity gets (even more) Serious
What is NIST SP 800-171? In 2014, DOD adopted the overall National Institute of Standards and Technology (NIST )Risk Management...
The 6-Step Incident Response Plan(IRP) Roadmap
A Quick-Start Guide Use the Cyber Incident Life Cycle to guide the company’s operational incident-handling artifact/procedure. This should be an...
SPOT: Will Lockheed run the clock out on F-35’s ALIS subsystem ATO?
2 WEEKS LEFT The F-35 joint program office issued a one-year Authority to Operate (ATO) in March 5, 2018 for...
Why System Development continues to be a challenge?
The PPT "Triangle" is at the root of this issue Origins The People-Process-Technology (PPT) Triangle has a less than defined...
Mortgage Mayhem
Lessons Learned about ongoing hacking challenges in the real estate market I recently moved across the country. Being a good...
Why I hate contract-to-hire?
...and 6 months (or less) contracts to boot Is anyone else tired of getting these positions? I keep getting them,...
COMMENTARY: The IC’s Cyber Threat Framework
Was it really worth it? The Intelligence Community (IC) recently released its Cyber Threat Framework (CTF). They have been working...
FEB 2019 POLL: Who is the greatest nation-state threat in cyberspace for 2019?
With all the new network breaches to both the public and private sector, who is the NUMBER 1 culprit? For...
We play chess, they play WEI-QI
How the Chinese are beating us in the long game The games we play as children tell us many things....
Why is Secure System Development So Hard?
Because we are not really trying So why is secure system development so hard? Too many of the major defense...
2000+ Visitors
Thanks all of you that have found and continue to visit the Cybersentinel Web Page We are happy to have...
One Reason ISO 27001 is DOA
So why should we move on and away from ISO 27001? The international standards community has done great work in...
Cybersecurity “Stress”
Even cybersecurity professionals struggle everyday with the lack of support and derision of the profession Recently, an article was released...
Cisco Systems Survival in the “Age of China”
John Chambers, former CEO, lays the foundation of Cisco's long-term success and profitability For any one who works actively within...
