The Internet of Things: Providing Convenience at the Expense of Security

The importance of managing IoT devices on your network By Mesay Degefu and Colby Proffitt   In the United States, critical infrastructure is defined as “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, […]

Training A&A Analysts to think and act like CND professionals

Training A&A analysts to think and act like CND professionals. This white paper examines the role of the Authorization and Accreditation analyts performing cybersecurity functions.  While cybersecurity threats have evolved, many A&A analysts still review and approve systems by reviewing documentation, rather than considering a holistic approach embraced by Computer Network Defense (CND) professionals. We […]

To Pay or Not to Pay? Recovering from a Crypto-Ransomware Attack

As discussed in Part I of this series, crypto-ransomware is quickly becoming the extortion tool of choice for cybercriminals. Even when an organization trains its employees to guard against social engineering, disables macros and configures ad-blockers, and takes an array of other steps to protect its data, it only takes one misstep for threat actors […]