Stan Wisseman

ICIT Brief: In 2017, The Insider Threat Epidemic Begins

Just as American and European critical infrastructure executives were beginning to wrap their minds around the devastation of the Office of Personnel Management breach, ransomware erupted onto the scene, followed by concentrated DDoS attacks such as the Mirai botnet attack on Dyn, which enabled a quantum leap for cyber criminals.  Now, all techno-forensic indicators suggest .. read more

ICIT Brief: Combatting the Ransomware Blitzkrieg with Endpoint Security

Ransomware, the weaponization of encryption, has struck fear and confusion into the hearts of PC users and critical infrastructure communities alike. While it is impossible for organizations to prevent malware from infecting their networks, those who deploy a multi-layered security strategy and teach proper cybersecurity hygiene to their employees have a strong chance of defending against these .. read more

ICIT Brief: Hacking Healthcare IT in 2016: Lessons the Healthcare Industry can Learn from the OPM Breach

Among all of America’s critical infrastructures, the healthcare sector is the most targeted and plagued by perpetual persistent attacks from numerous unknown malicious hackers. The goal of these threat actors is to exploit vulnerabilities in insecure and antiquated networks in order to exfiltrate patient data for financial or geopolitical gain. In order to protect patient .. read more

Legislative Brief “Moving Forward: How Victims Can Regain Control & Mitigate Threats in the Wake of the OPM Breach”

In June 2015, the Nation learned that the personnel records of 21.5 million United States citizens had been exfiltrated by an unknown adversary from the Office of Personnel Management, one of the largest known breaches in the history of the U.S. Government.  The immediate public outcry included congressional hearings attributing the breach to OPM administrators and .. read more

ICIT Brief: OPM Demonstrates that Antiquated Security Practices Harm National Security

The Institute for Critical Infrastructure Technology has published its official analysis of the Office of Personnel Management breach, Handing Over the Keys to the Castle: OPM Demonstrates that Antiquated Security Practices Harm National Security.  This research brief provides insights on several of the most important aspects of the breach, some of which are not being .. read more

Legislative Brief: “Preventative Measures- Ensuring Information Security Prior to mHealth Development”

The Institute for Critical Infrastructure Technology  issued its latest legislative briefing titled “Preventative Measures- Ensuring Information Security Prior to mHealth Development”.  The brief is an analysis of the proliferation of mobile technologies in the healthcare ecosystem, addressing the benefits mobility brings to patients and health providers as well as data privacy risks that exist if these technologies are .. read more

Analysis of H.R. 1560 Title I (Protecting Cyber Networks Act) and Title II (National Cybersecurity Protection Advancement Act)

The Institute for Critical Infrastructure Technology (ICIT) today issued a briefing to members of the U.S. House of Representatives, U.S. Senate, Federal Agencies and other Critical Infrastructure Sector Leaders titled “Progress as Two Steps Forward and One Step Back: Analysis of H.R. 1560 Title I and Title II (H.R. 1731).”   The briefing is a detailed .. read more

ICIT Briefs Congress on HR691 Telehealth Modernization Act of 2015

ICIT briefed members of the Rural Health Caucus on HR691  –  Telehealth Modernization Act of 2015, where Fellows provided expertise on rural health, telemedicine, and privacy issues surrounding telehealth initiatives.  ICIT Fellows advised for strong security and access management, interoperability between EHRs, patient access to data, and the securing of data pathways themselves. Click here .. read more

ICIT Fellows Brief Congressional and Senate Members on H.R.3696 Cybersecurity and Critical Infrastructure Protection Act of 2014

Week of March 2, 2015:  ICIT presented to members of the Congressional Cybersecurity Caucus and a member of Senate on H.R. 3696: Cybersecurity and Critical Infrastructure Protection Act, in order to discuss certain aspects of the bill which it believes will be included in 2015 legislation. These meetings gleaned important findings and requests for additional briefings .. read more