One of the most frequently maligned and misused terms by information security vendors is: Artificial Intelligence (AI). AI and machine learning (ML) are, however, not a passing fad. Let me define these terms in more details.
Artificial intelligence has been the subject of sci-fi novels for several decades now. Computer systems with “brains” to rival or surpass that of humans. The idea that AI systems are “thinking machines” that in any way rival the human brain, is fiction. At least in the near future. Read More
Posted in AI & Machine Learning, Blog
We have may concerns today regarding security and privacy, but our concerns will only be magnified in the future. In this presentation I look forward 10, 20 and 30 years into the future at trends, issues and possible solutions. (My notes for #CERIAS20 futurist panel.) https://is.gd/CERIASfuture18
Posted in Blog, Presentations & Webinars
I am going to share some thoughts with you. My point of view. This should lead into some articles I plan to write on various topics. These will probably lead to presentations and podcasts over the next few months.
• IoT/IIoT/ICS: In particular related to industrial IoT (IIoT) and ethical conundrums related to consumer IoT. Compare and contrast IT/OT and IoT, IIoT, ICS-SCADA. What are the problems we need to solve? Read More
Posted in Blog
August 11th, 2017 by John
CornCon Kids’ Hacker Camp (The Children of The CornCon) will feature dozens of kid-friendly activities in 2017. These activities range from lock picking and dumpster diving, to learning about electronics, coding and blacksmithing. The intention of the kids’ camp is to open the eyes of kids to the benefits and vulnerabilities of technology. This is done every fall in the Quad Cities, 100 kids at a time.
For the first time, kids at “CornCon 3: The Courne Ultimatum” will be able to “Hack The Pentagon”. This program started as a bug bounty, developed by the DoD to uncover vulnerabilities in their computer systems and web applications. The program uncovered 138 vulnerabilities and now the U.S. Army Cyber Command is sending First Lieutenant Daniel Lim on the road to show kids and adults how bug bounty programs work, and the methods used by penetration testers to uncover and responsibly report vulnerabilities. Responsible disclosure is key, as finding and exposing vulnerabilities to the public can lead to malicious attacks, if it is not preceded by software patches to address the vulnerability first. Read More
Posted in Blog, Community
Major General Brett I. Williams discusses the distinction between cyberwarfare and information warfare. The distinction can be important!
http://www.c4isrnet.com/articles/cyberwarfare-and-information-warfare-must-be-distinguished-commentary
Posted in Blog, Cybersecurity & Infosec, Nation State
This is an interesting case where a DuPont employee stole trade secrets prior to retirement. It is often the young, brash employee who is the scapegoat. I speak from personal experience, that in the Midwest, large, old corporations distrust vendors, contractors and new employees, and tend to overlook the risk that comes from the long-time “trusted and loyal” employee. There is even a stigma if you have been at a company a long time, and leave before retirement. However, until recently, many companies continued to provide email and corporate services, and even let retirees keep their laptop, because of their retiree status. Shows that good feelings don’t amount to much, when competitors are willing to pay big bucks for your secrets. Everyone is a potential leak.
Posted in Blog, Criminal, Cybersecurity & Infosec
Here’s a recent blog post I wrote for SC Magazine:
Posted in Blog, Cybersecurity & Infosec, IoT, IIoT, ICS-SCADA
