I spoke on a Docent Institute webinar last night co-hosted by Iowa Illinois IEEE Section – R4 and IEEE Computer Society (Iowa-Illinois Chapter). The title of the talk is, “Navigating Cybersecurity and Systemic Risk in a Rapidly Advancing Technological Landscape”where I discussed #cybersecurity and #systemic_risk. Thanks to Binto George & Michael Umakor, who were co-hosts. Check out the video! You may find the video and slides here:
[November 18, 2024] Docent Institute hosted the 2024 Chicago Security Speakeasy with 60 guests for drinks and dinner at the oldest private club in Chicago. A wonderful venue for a formal pre-holiday party and charity fundraiser. Thanks to my friends for making it possible, as members of this exclusive club!
I was honored to be invited to give a presentation on November 14th in Rockford, IL for the Rock River Valley Section. The turnout was 30+ members and non-members. Click the image above for the PDF.
Docent Institute is hosting a private CISO Dinner & Charity Fundraiser for Docent Institute for Greater Chicago Area security leaders on November 18th, 2024 at The Casino, near the Hancock Building, from 6-9pm. There will be appetizers, fine dining and open bar with special bourbon tasting from NetThunder. [This event has SOLD OUT]
I think of us in some kind of twilight world as transformative AI looks more likely: things are about to change, and I don’t know if it’s about to get a lot darker or a lot brighter.
Increasingly this makes me wonder how I should be raising my kids differently.Read More
Cybersecurity practitioners, as defenders of information, benefit from the fact that they are, in some ways, one large team, and the sharing of information and best practices as an industry and a community elevates everyone’s ability to protect their data. The passing of experience and expertise among peers is important, but staying ahead of emerging cyber threats requires recruiting and training the next generation.
CornCon “Quad Cities Cybersecurity Conference” is returning in person on September 30 & October 1, 2022. To be held at RiverCenter convention center in downtown Davenport, Iowa, this year’s conference will include a Thursday CISO summit (TBD), two days full of great speakers, tutorials, villages and expo, as well has K12 activities on both Friday and Saturday. More details can be found on the conference website: https://corncon.net. (note that early bird pricing has been extended to July 15th)
Systemic risk is about the risk that exists between the parts of any complex system. This includes third-party vulnerabilities. Being able to understand if any third party introduces critical levels of systemic risk to the entire system through concentration risk is also a critical systemic cyber risk challenge.
Supply-chain attack using invisible code hits GitHub and other repositories
While most of the code appears in normal, readable form, malicious functions and payloads—the usual telltale signs of malice—are rendered in unicode characters that are invisible to the human eye. The
Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw
The KB5084597 hotpatch update was released yesterday to fix vulnerabilities in the Windows Routing and Remote Access Service (RRAS) management tool that could allow remote code execution when connecting to a
If anyone knows of a small security vendor, or other who may be interested in sponsoring the 15th RSAC Security Speakeasy, everything is arranged and my nonprofit isn't quite covering the costs. We have one sponsor and will consider a discount if it helps. Docent is cyber
Hackers Use Cloudflare Human Check to Hide Microsoft 365 Phishing Pages
The trick is as simple as it is effective. When a victim clicks a link to a malicious site, such as http://securedsnmail.com in this case, they hit a ‘Turnstile’ verification check. This, as we know it, is
