critical infrastructure

ICIT Brief: Metadata – The Most Potent Weapon in This Cyberwar: The New Cyber-Kinetic-Meta War

Metadata, or “data about data,” is collected and recorded to describe data, identify trends, administer algorithmic solutions, and model potential scenarios. When one understands how to make sense of seemingly random metadata or how to pair the data with other exfiltrated data pools, there are limitless possibilities for social engineering and cyber exploitation in attacks .. read more

Next Generation Defenses for a Hyper Evolving Threat Landscape: An Anthology of ICIT Fellow Essays Volume I

The onslaught of attacks on our Critical Infrastructure sectors by nation state, mercenary, criminal and cyber jihadist APTs is robbing organizations of millions worth of IP and victimizing citizens whose inadequately protect PII is being exfiltrated and used for economic gain or counterintelligence purposes. Organizations must be on the forefront of bleeding-edge cybersecurity technologies and .. read more

The Necessity of Encryption for Preserving Critical Infrastructure Integrity: Protecting Data At-Rest, In-Transit, and During-Processing with Format Preserving Encryption

The Necessity of Encryption for Preserving Critical Infrastructure Integrity: Protecting Data At-Rest, In-Transit, and During-Processing with Format Preserving Encryption by James Scott, Sr. Fellow, ICIT DOWNLOAD A PDF OF THIS POST HERE Breaches Result in Loss of Trust Cybersecurity is rooted in trust. Organizations expend resources purchasing and maintaining the systems and applications that they .. read more

ICIT Analysis: The Cyber Shield Act

Industry experts and federal agencies such as NSA, NASA and NIST have repeatedly pushed for the implementation and standardization of the bare essentials of Information Security, such as security-by-design, cyber-hygiene training, and layered defenses, to be recognized as crucial topics on the Hill.  The Cyber Shield Act is an excellent idea for improving informed consumer .. read more

ICIT Brief: In 2017, The Insider Threat Epidemic Begins

Just as American and European critical infrastructure executives were beginning to wrap their minds around the devastation of the Office of Personnel Management breach, ransomware erupted onto the scene, followed by concentrated DDoS attacks such as the Mirai botnet attack on Dyn, which enabled a quantum leap for cyber criminals.  Now, all techno-forensic indicators suggest .. read more

ICIT Publication: Dragnet Surveillance Nation: How Data Brokers Sold Out America

With recent accusations of fake news and the weaponization of information as a mechanism of steering public perceptions dominating headlines around the world, have you ever considered the reality that private dragnet surveillance via social media properties, ISPs, search engines, health sector organizations etc., heavily contribute to the problems of adversarial intervention and streamlined distribution .. read more

ICIT Publication – Rise of the Machines: The Dyn Attack Was Just a Practice Run

As the adversarial threat landscape continues to hyper-evolve, America’s treasure troves of public and private data, IP, and critical infrastructure continues to be pilfered, annihilated, and disrupted.  The Mirai IoT botnet has inspired a renaissance in adversarial interest in DDoS botnet innovation based on the lack of fundamental security-by-design in the Internet and in IoT .. read more