- Information Security, Information Security and Privacy, Information Policy, Cyber Terrorism, Information Warfare, Information Assurance, Cyber Conflict, European Security Policy, Cyberlaw, Cyberwarfare, Cyber Security, Data Mining, Machine Learning, Cloud Computing, Risk Management, Incident Response, Disaster Recovery, Business Continuity, China, Information Security Management, Governance and Risk Management, Access Control, Europe, Spain, Cyber Physical Systems, and Cyber Security Incident Response
- I want to work with you on Cyber Security/Warfare/Conflict Research. Over 25 years in Securing and Analyzing ICT throughout the globe. Very excited about putting thought on paper.
The digital age has brought with it many benefits, but it has also made us vulnerable to malicious actors. One of the most dangerous threats we face today is ransomware. But, just as there is a problem, there is also a solution. By working together and implementing legislation that criminalizes ransomware attacks, we can fight back. This book is a guide to help organizations protect themselves from ransomware attacks based on best practices and industry standards from ENISA to NIST, CMMC to CISA. It covers everything from conducting Ransomware Readiness Assessments to managing assets and incident response. By taking proactive measures, businesses can significantly reduce their susceptibility to ransomware attacks. This book is not only informative but also empowering. It will give you the tools and knowledge you need to take control of your cybersecurity and protect your organization from the damaging effects of ransomware. With this book as your guide, you'll be able to turn the tide against ransomware threats and protect your organization from the damage they can cause. Although not exhaustive due to the rapid evolution of ransomware capabilities, the assessment will cover areas including the following:
Application Integrity
Asset Management
Incident Response
Network Perimeter Monitoring
Patch and Update Management
Phishing Prevention and Awareness
Risk Management
Data Backup
User and Access Management
Web Browser Management and DNS Filtering
One of the major causes of website outages is problems with the Secure Sockets Layer (SSL) protocol. A key factor is that many organizations now outsource their websites and often never attempt to access their company site on a day-to-day basis via external resources. A common example is when organizations forget to renew SSL certificates or auto-renewing applications fail. Additionally, SSL insecurity can occur when there are misconfigurations. The following is a foundational example of how to integrate real-world failures into test, training and exercise events. Case Study: Service Outage Due to Mis-configured SSL Certificate BACKGROUND:
Active Cyber Defence in the OT environment remains a challenge to industry professionals because we focus on what we consider major differences rather than on the nuanced commonalities. My first example to hopefully explain what I mean is the understanding of the original CIA, where we would work to ensure systems maintained confidentiality, integrity, and availability. We often prioritised the systems in the same way based on prioritisation or MAC level. Within essential services we still have the CIA prioritisation consideration; the difference is there is often a coupling of Availability & Integrity prior to Confidentiality. (Simple Example: Water Flow from a dam). With 90% of Critical Infrastructure service providers having been impacted by at least one successful cyber attack, the key security enhancements can no longer be slow rolled. We need to obtain actionable visibility in the OT environment. In addition, implementing the suggestions below will help your organisation meet regulatory
Detection & Analysis in the (OT) Environment – To Meet Regulatory Compliance
Detecting an incident early is important to minimising the impact of a potential threat. Early detection is especially important in the delivery of essential services, as it will limit and potentially prevent damage to the underlying ICS. Detection in an “always on” OT environment requires continuous monitoring for anomalies, prioritisation of event correlation, and implementation of a log collection and analysis strategy for the environment.
Research Interests: Water, Operations Research, Intelligence, Network Security, Energy, Disaster Management, European Foreign and Security Policy, Smart Grid, PLC Automation, Critical Infrastructure Security, Critical infrastructure protection, Protocols, Essential Services, Cyber Security, PLC and SCADA based papers, Power System - SCADA and Smart Grid Applications, ICs, and NERC Compliance
The requirement for a collaborative effort to achieve a common set of security standards for use by entities that process, store or transport voter data. More than 350,000 voting machines are used in the United States today in over 42 States (VerifiedVoting 2017). The rise in the use of electronic mediums has posed great concern for those voting and those running for office. In 2016, the State of Florida reported the targeted attempts by Russian hackers to infiltrate and manipulate electronic voting in as many as 67 elections offices. As well reporting from additional sources that as many as voter database compromises across 21 states and forensics discovery at attempts by hackers to infiltrate the networks of voting equipment vendors, local election boards, political parties and email and social media accounts for candidates. The industry and cyber security community has not discovered a process to protect the most democratic process in the world to date – Voting remains a target held at risk. 2018 Elections are critical to moving the U.S. forward to recovery - Feel free to reach out if you need support or have any additional questions.
Research Interests: European Studies, Russian Studies, Artificial Intelligence, Cybercrimes, Electronic Voting, Iranian Studies, China, Syria, Elections, Russia, Cybersecurity, Hacking, California, Critical infrastructure protection, Estonia, City and county government, Fraud, Cyber Security, Eurozone, NATO's New Strategic Concept, Logging, Cyber Attack, and NIST
To minimize the chances of getting A.S.S, one needs to have strong morals and beliefs to attenuate Stockholm Syndrome. In the case of being an assessor, be prepared. Always work with organizations ahead of time to ease fears and tension by providing clear guidance from the strategic, to hands-on methods that will be employed during the assessment. Working together beforehand will minimize the excuses, violations, and need to bond, allowing you to HELP organizations mature their cybersecurity posture. Don't get attached!
Working in Cyberspace Operations from multiple aspects has led me to question the multiple methods and frameworks used to defend enterprises. This has also led to an effort of integrating military operational frameworks where focuses remain on small, yet focused, synchronized integrated teams. This is unfortunately a new concept for cyberspace teams. It has led to some heated discussions among my colleagues because we all know all frameworks are wrong, but some are useful, and further, every analytical operator has internal prejudices. I seek to present F3EAD as a framework for DCO-RA & possible Offensive Cyber Operations.
Research Interests: European Studies, Russian Studies, Democracy and Cyber-Democracy Theory and Practice, Government, Africa, Iranian Studies, The Internet of Things, Cyber Terrorism, Cyber Warfare, China, Cyber crime, Malware Analysis, Cybersecurity, Ethical Hacking, Hackers, United States, Cyber Security, PLC and SCADA based papers, Cyber Attack, Syrian Electronic Army, The EEC Equal Treatment Directive (76/207/EEC) Article 5 (1), Cyber Kill Chain, Military TTP, Cyber Key Terrain, F3EAD, Cyber TTP, JP 3-12 cyberspace operations, George Crawford, Fireeye, Merrit, Cavelty, Sergio Caltagirone, and NIST Cyber Security Framework
As we continue to develop capabilities within organizations providing Defensive Cyber Operations, it is critical to develop organizational maturity. Current methodologies, although effective, are unsustainable due to the rapid evolution of the cyber threat.
An organizational-level approach can be made by adopting some of the following objectives:
1. Increase the pay scale for “qualified” CND Analysts - CIRT staff are often the lowest paid tier of Incident Response personnel.
2. Hire “Analytical” people – A Great Sys Admin does not a Great System Defender Guarantee. “Better analytical capability makes up for a lot of memorized technical knowledge. Having both makes you a god.”
3. Function Rotation – Although specialization is a critical capability, functional rotations assist in creating analytical thought by adding perspective and insight to all aspects of DCO.
4. Teach analysts how to communicate - share your best business practices, what has worked and what has not, not only with internal teams but with colleagues in industry. It is terrible to have great analysts that nobody wants to work with.
5. Hire passionate team players - I can send you to all the certification training in infosec the world has to offer but if you aren't doing this because you live it.... We are both wasting our time.
6. Employ - “better leadership to foster Passion”
7. Start utilizing the sensors and systems in place to their capacity/capability - Too many times systems are not employed fully, whether through lack of system training or misunderstood vendor support agreements. Garbage in, garbage out. Nothing in, nothing out.
8. Require training and certification - Ensure a common baseline for both the technical and communication side (GCIH, CISM, Project Management, MBCI). The management piece is to ensure analysts can write and follow from beginning to the end and understand the operational impact of incidents. Although this seems obvious, take a look around.
9. Exercise your capabilities - through xnet or similar means to make teams operate together
10. Audit and assess - internally often, (show me, tell me, provide me documentation) to ensure organizational maturity. The team will have a vested interest.
Proactive efforts to accomplish specific steps will assist in maturing the DCO craft.
A passion for this work helps people dig for root cause, and gets people looking for the needles in needle stacks, fixing the broke, and documenting processes to help build the whole team rather than oneself.
Key Questions:
What is the Cyber Kill Chain Process?
What can we do to mitigate attacks sooner?
How do we improve Incident Response?
Research Interests: Information Security, Resilience, Cyber Warfare, Cyber crime, Malware Analysis, Cyber Physical Systems, Cyber Security, Firewall, ICT policy research as it relates to e-governance, e-learning and cyber security. Assessment studies such as social networking, Internet adoption and recommender systems (data mining & pattern recognition), Cyber Attack, Isaca, Isc2, Delta Risk, Joey Hernandez, IMPACT Alliance, Cyberspace Operations, HBSS, Cyber Kill Chain, Joint Publication 3-12, 6510.01, FIRST.org, and Cyber Red Team
Recently, the view of Cyberspace as an Ecosystem has become a subject of increasing interest to professionals in multiple ICT disciplines. Much of the interest has been stimulated by the growing problems within the environment, and the emergence and/or reemergence of viruses, malware and growth in Advanced Persistent Threats worldwide. The Miasmatic Theory originated in the 19th century and was based on the belief that "diseases" were caused by the presence of a poisoned fog/mist in the ecosystem, which contained infected matter (miasmata). The Miasmatic position was that the spread of diseases was the product of environmental factors including contaminated water, air, soil and overall poor hygienic conditions. Key to the theory is that infections were not passed between individuals but rather affected individuals who resided within the particular location. Second, infected & contaminated space was identifiable. The creation of Top Level Domains such as .RU for Russian and .CN for Chinese domains as well as geolocated IP addressing for countries has created a similar environment for locales. These locales require direction and coordination to provide leadership on establishing norms, policy institution, technical support and monitoring and assessing health trends. Protecting the cyberspace ecosystem is a shared responsibility and required to provide a collective defense against the miasmatic threat. Joey Hernandez CISM, CISSP
Research Interests: ICT in Education, Hacktivism, Cyber Warfare, China, Linguistics, New ICANN Top Level Domains, Iran, Russia, Ethical Hacking, CISSP, Cyber Security, Cism, Enisa, SIEM, CSIS, ICANN, Iscsp, ICT Risk Management in Organizations: Case studies in Thai Business, Delta Risk, Joey Hernandez, Mcafee, Security Information and Event Management, Top Malware Threats 2013, Top Malware Countries 2013, Europe Malware, Top Phishing Sites 2013, Russia Malware, USA Malware, TLD Malware 2013, Sophos, Cyber Miasma, ITU, Top Malware Websites, Kaspersky, Domain Typo-squatting, Top Anti Malware, Virus Sites, Google Malware Sites, Sans Storm Center, Sans Internet Storm, Microsoft Security Intelligence Reports, Malware Sandbox, RCERT Europe, CMU SEI, Black Hat, Trend Micro, Top Malware Sites, Top Cyber Threats, Joey Hernandez CISSP, Misspellings, Typo Squatting, Cyber Squatting, Social Squatting, Social Sites, and Social Domains
Research Interests: Economics, Privacy, Network Security, Political Science, Gang Culture and Dynamics, Boxing, Cryptography, Anonymity, Anonymous, CEO, Hackers, Tecnologia, Blood, Cyber Security, Segurança Pública, Cult of the Dead Cow, Miami, Ciberativismo, US Policy toward drug cartel in south america, Web Site Defacement, Anonymous Facebook, The Anonymous Hackers, The Hackers, LulzSec, Milw0rm, Chaos Computer Club, We Are Legion, Telecomix, Crips, Latin Kingz, SJX13, Wireless Communication Security, Security in wireless ad hoc, mesh, sensor networks, LabJor, ComCiência, and Ativismo
"In today’s information-driven business environment, enterprise systems and processes capture an ever-increasing amount of data. To derive meaningful and actionable information from this data, businesses are compelled to commit significant resources to perform the necessary analysis. While all business areas are impacted to varying degrees, few face a greater challenge than the information security department. To support its mission to protect critical information assets, the information security department must maintain an ongoing process to capture, analyze and subsequently act on log and alert information collected from a wide array of systems across the enterprise.
Typically, these data must be analyzed and actionable.... Joey Hernandez worked as a SME Reviewer for this ISACA effort"
Research Interests: Information Security, Machine Learning, Data Mining, Network Security, Africa, Access Control, Cyber Conflict, Cloud Computing, Malware Analysis, CISA, Smart spaces, Cyber Physical Systems, Complex Event Processing, Incident Management, Army, Cyber Security, Semantic Computing, Cism, SIEM, Incident Response, Air Force, 17D, Joey Hernandez, Event and Incident, Itil Event, Security Event Management, Computer Incident Response, Arcsight Splunk, Arcsight, Siem Arcsight, Q1 Labs for QRadar SIEM, Tripwire for Tripwire Log Center, Symantec for Symantec Security Information Manager, HBSS, Solaris BSM Log Connector, P2P/Overlay Networks, VoIP/SIP/IMS, Distributed Information Systems, RFID and Sensor Networks, and Authentication Protocols
"Elevated age in cyber warfare
Malware has become focused
SCADA Systems (Stuxnet)
Malware performs Operational Preparation of the Environment (OPE)
Conficker (Millions still infected)
Ransomware
Data is being held hostage
The advanced capability of the threat has increased the risk.
Understanding the risk allows employment of defensive measures to mitigate the risk – “Risk will always be present”"
Research Interests: Entrepreneurship, European Studies, Military Intelligence, Tactics (Military Science), Art, Information Security, Organizational Change, Machine Learning, Data Mining, Middle East Studies, International Business, Leadership, International Trade, Network Security, NATO, Sustainable Development, Africa, Information Warfare, Strategic Management, Israel/Palestine, Lebanon, Access Control, ICT, Cyber Terrorism, Cyber Warfare, China, Global Leadership, Boxing, Syria, Cisco Security, Middle East Politics, Cloud Computing, Cybercultures, Anonymous, Malware Analysis, Iran, Organizational Development, International Management, Smart spaces, Symantec Web, Barack Obama, Cyber Physical Systems, Complex Event Processing, Army, Cyber Security, Semantic Computing, intelligent robot, robot learning, industrial automation, PLC, SCADA, Stuxnet, Art of War, Hackerspaces, Wardens Rings, Center of Gravity, Wells Fargo, Ethnicity and National Identity, Air Force, Cyber War, Backtrak, Nmap, Isaca, Isc2, NIST, Delta Risk, Northrop Grumman, 17D, Joey Hernandez, Leon Panetta, Aramco, Nortel, Alcatel, Bluecoat, Mcafee, Cyber Security Warfare, On Cyber Warfare, The Art of War, Cyber Attacks, P2P/Overlay Networks, VoIP/SIP/IMS, Distributed Information Systems, RFID and Sensor Networks, and Authentication Protocols
"Similar Squatting
Targets BRAND NAME domains
Relies on typographical errors made by direct input URLs
Often involved with illegal activity
Also used for FINANCIAL gain
According to Brandjacking Index, the risk of brand misuse worldwide is the highest in US, Germany and UK.
59%+ all websites using brand names for illegal purposes originate from these three countries.
Organization Focused on defeating these efforts
Alias Encore
Hacker groups Anonymous R00tbeer Dark.Team
Joey Hernandez for more information"
Research Interests: Cyberlaw, Information Security, Machine Learning, Data Mining, Homicide, Network Security, Africa, ICT in Education, Access Control, New ICANN Top Level Domains, Cloud Computing, Malware Analysis, Smart spaces, Cyber Physical Systems, CISSP, Complex Event Processing, Europe, Army, Cyber Security, Typosquatting, Semantic Computing, Cism, Enisa, TLD, Air Force, 17D, Joey Hernandez, Miasmatic, Antiphon, P2P/Overlay Networks, VoIP/SIP/IMS, Distributed Information Systems, RFID and Sensor Networks, Authentication Protocols, Noelia Prieto, Dave Barnett Tas Wake, Angel Redoble, Drakon, and Miasma
The first release of Dealing with the Cyber Advanced Persistent Threat with contributions from Cyber Security Professionals from around the globe.
Research Interests: Machine Learning, Data Mining, Fuzzy Logic, Access Control, Cyber Terrorism, Cyber Warfare, Risk Management, China, Facebook, Boxing, Cloud Computing, Spain, Russia, Enumeration, Malware, Germany, Smart spaces, Social Engineering, CEH, Cyber Physical Systems, CISSP, Complex Event Processing, Europe, Advanced Persistent Threats, Cyber Security, Cyber Security, Semantic Computing, LinkedIn, Cism, SIEM, Cyber Threats, Outreach, APT, Iscsp, Iscsp, CERT, Scanning, Joey Hernandez, IMPACT Alliance, Footprinting, Cwfi, Joey Hernandez Cism, Microsoft Windows Software Restriction, 0-day, Cyber Silver Bullet, Addressing Root Cause APT, Holistic Security, Proactive Defense, P2P/Overlay Networks, VoIP/SIP/IMS, Distributed Information Systems, RFID and Sensor Networks, Fuzzy Rules, Fuzzy Rule Based Cyber Expert System (FRBCES, Noelia Prieto, Dave Barnett Tas Wake, and Angel Redoble
A CARVER assessment is the first step in helping organizations obtain insight into their critical assets as systems which process, store, and transmit information critical to business operations. Foundational, the approach leverages an often overlooked adversarial perspective with subjective functional focused critical asset identification. Increased measures to protect, detect and defend against threat will reduce attack surfaces and require future evaluation to identify gaps and validate input.
Research Interests: Military History, Information Technology, Special Operations And Low Intensity Conflict, Cybercrimes, Political Science, Iranian Studies, China, Russia, Infrastructure, Privacy and data protection, ITIL and IT Service Management, Cyber Security, Conceptual Framework, IT Security, Shodan, criticism of Carver models, Joey Hernandez CISSP, MDR/XDR TB, Cyber Threat Intelligence, and General Data Protection Regulation (GDPR)
Background/ Explanation of Issues: Joint Publication 1-02 states deterrence “prevents adversary action through the presentation of a credible threat of unacceptable counteraction and belief that the cost of the action outweighs the perceived benefit” (Joint Publication 1-02, 2015 p.67). Deterrence has long been a part of our military doctrine and can be implemented in various aspects of joint operations to include the range of military operations. Today, we see deterrence used in the form of strategic messaging with the end goal of persuading a population towards a particular national strategic objective. In the past, the threat of military force and nuclear warfare were enough of a deterrent to obtain national objectives. As we approach the age of cyberwarfare, social media has become a major platform for deterrence messaging. Our adversaries understand this and have designed overt and covert measures to disrupt military and civilian operations. This is political warfare through a cyber-domain (Giannetti, 2017).
Recent accusations of Russian meddling in the 2016 United States (U.S.) elections have ignited the debate regarding the use of strategic communication and deterrence messaging. Once relics of the Cold War, deterrence messaging and propaganda were employed by both the U.S. and the former Soviet Union as a way to indirectly wage war against one another, specifically within Third World countries.
Keywords: Deterrence, Joint Publication, Russia, Elections, Cyber, China, Russia, North Korea, Iran, and Transnational Threat Actors, Clinton, Trump, COA, DINFOS, DOTMLP, Weighted Sum, NGO, IOC
Research Interests: Russian Studies, Air Force Studies, Deterrence, Cold War, Non-Governmental Organizations (NGOs), Social Media, China, Psychological operations (PSYOP), Information operations (IO), Elections, Hillary Clinton, Cyber Security, Insider Threat, Joey Hernandez, Cyberspace Operations, Task Force, Air national Guard, Interagency Collaboration, Donald Trump, United States Air Force, Captain, GDPR, Military Officers, General Data Protection Regulation (GDPR), Jayson Sexton, Anya Davis, Alexis Epps, soceur, and useucom
This article was presented at the European Cyber Security Summit 2016 in Prague, Czech Republic. The focus was on the following points:
- Fundamentals of Cyber Intelligence
- Strategic To Tactical Approach
- Understanding The Cyber Kill Chain - and STAR
- A Little Bit About Targeting In Cyberspace
- Where You Should Be Today
- What You Need To Do To Mature Your Cyber Intelligence Capability