Category: Cybersecurity & Infosec

December 19th, 2024 by Jj0hnnyj

I spoke on a Docent Institute webinar last night co-hosted by Iowa Illinois IEEE Section – R4 and IEEE Computer Society (Iowa-Illinois Chapter). The title of the talk is, “Navigating Cybersecurity and Systemic Risk in a Rapidly Advancing Technological Landscape”where I discussed #cybersecurity and #systemic_risk. Thanks to Binto George & Michael Umakor, who were co-hosts. Check out the video! You may find the video and slides here:

Posted in AI & Machine Learning, Autonomous Vehicles, Blockchain, Cloud, Critical Infrastructure, Cryptography, Cyberinsurance, Cybersecurity & Infosec, Emerging Technology, Ethics, Future Views, IoT, IIoT, ICS-SCADA, Law and Regulations, Presentations & Webinars, Privacy, Quantum Computing, Resiliency, Systemic Risk

November 19th, 2024 by John

[November 18, 2024] Docent Institute hosted the 2024 Chicago Security Speakeasy with 60 guests for drinks and dinner at the oldest private club in Chicago. A wonderful venue for a formal pre-holiday party and charity fundraiser. Thanks to my friends for making it possible, as members of this exclusive club!

Posted in Community, Cybersecurity & Infosec, Events

November 15th, 2024 by John

I was honored to be invited to give a presentation on November 14th in Rockford, IL for the Rock River Valley Section. The turnout was 30+ members and non-members. Click the image above for the PDF.

ABSTRACT Read More

Posted in Cybersecurity & Infosec, Emerging Technology, Ethics, Future Views, Presentations & Webinars Tagged with: , ,

June 29th, 2022 by John

CornCon “Quad Cities Cybersecurity Conference” is returning in person on September 30 & October 1, 2022. To be held at RiverCenter convention center in downtown Davenport, Iowa, this year’s conference will include a Thursday CISO summit (TBD), two days full of great speakers, tutorials, villages and expo, as well has K12 activities on both Friday and Saturday. More details can be found on the conference website: https://corncon.net. (note that early bird pricing has been extended to July 15th)

Posted in Community, Cybersecurity & Infosec, Education, Events, Kids

June 29th, 2022 by John

https://www.forbes.com/sites/bobzukis/2022/06/27/rsa-2022-solutions-to-systemic-cyber-risk-are-emerging-but-its-early/?sh=518b6fbe1c42

Systemic risk is about the risk that exists between the parts of any complex system. This includes third-party vulnerabilities. Being able to understand if any third party introduces critical levels of systemic risk to the entire system through concentration risk is also a critical systemic cyber risk challenge.

Posted in Cybersecurity & Infosec, Risk Management

April 13th, 2022 by John

It was a great honor to be asked to keynote Bloomcon this morning! Wish I could have been there in person. Despite the issues we had getting sound to work with Zoom, I ended my presentation on time. I’ll have to go in person next year!Link to my slides: https://johndjohnson.com/…/BloomCon.2022.JJOHNSON…

Posted in Cybersecurity & Infosec, Emerging Technology, Privacy

January 21st, 2022 by John

I was fortunate to be on a panel to discuss the Software Supply Chain with Richard Rushing, Bryan Hurd and Richard Greenberg (moderator) for the ISSA Los Angeles chapter on Wednesday (1/19/21). Click here to view the recording, https://www.youtube.com/watch?v=y3wqCc34tME.

Posted in Blog, Cybersecurity & Infosec, Presentations & Webinars, Resiliency, Risk Management, Supply Chain

January 20th, 2022 by John

Supply chain security can refer to suppliers who provide services, staffing, support, or who develop software/hardware. The supply chain is varied and different across industry segments and organizations. If you consider the development of applications or electronics, there may be a long list of companies who contribute to the final product. The longer the supply chain and the less visibility you have into (or ability to assess) each supplier, the higher the overall complexity and resulting risk to your organization.

Let’s consider the software that we use in our own organizations. There is a lot of it. Do you have a complete inventory of the software you have running on your endpoints, or supporting business processes? Having a granular software inventory and an approved enterprise application catalog is a starting point. The granular information you need includes: “Who owns and makes decisions about the application?” “Who supports and patches it?” “Who budgets for and pays for licenses?” “What is the application architecture and how does it communicate?” Having a central trusted software inventory (this may differ between desktops and servers) is a starting point. Read More

Posted in Blog, Cybersecurity & Infosec, Exploits & Attacks, Resiliency, Risk Management, Supply Chain