Thinkers360
Interested in getting your own thought leader profile? Get Started Today.

Matthew Rosenquist

Chief Information Security Officer at Eclipz

Folsom, United States

CISO and cybersecurity strategist that actively works with the industry to identify emerging risks and opportunities.  Currently the CISO for Eclipz and formerly the Cybersecurity Strategist for Intel Corp. with 30 years in the security field. An active keynote speaker at industry events, member on multiple technical and academic advisory boards, and collaborates with the top minds in the cybersecurity industry across business, academia, and governments sectors.  Publishes blogs, whitepapers, and develops industry methodologies.  Was named as a Top 10 Technology Voice in 2018 by LinkedIn and has a very active following of over 180k professionals.   

Matthew is experienced in building world class teams and capabilities, managing security operations, and evangelizing best-practices to the market.  He advises boards, executives, industry groups, tech companies, consumer audiences, and the media on the risks and relevance of cybersecurity issues and how to achieve an optimal level of security.

Available For: Consulting, Influencing, Speaking
Travels From: Sacramento CA
Speaking Topics: cybersecurity, information security, cyber security

Matthew RosenquistPoints
Academic0
Author267
Influencer2008
Speaker92
Entrepreneur220
Total2587

Points based upon Thinkers360 patent-pending algorithm.

Thought Leader Profile

Portfolio Mix

Company Information

Company Type: Company
Business Unit: Technology
Theatre: Global
Media Experience: 14 Years
Last Media Interview: 03/24/2020

Areas of Expertise

AI 31.45
Analytics 30.51
Big Data 30.42
Cryptocurrency 34.16
Customer Experience 30.24
Cybersecurity 88.66
Digital Transformation 30.55
Emerging Technology 30.25
Fintech 31.10
HR 30.44
Innovation 31.95
IoT 31.82
Leadership 34.68
Privacy 41.30
Risk Management 45.83
Govtech 31.30
Startups 34.22
Future of Work 31.24
Social 31.38
Business Strategy 34.93
Edtech 32.86
Predictive Analytics 30.12
Blockchain 30.27
Diversity and Inclusion 33.74
Healthtech 30.49
COVID19 32.89
Autonomous Vehicles 30.97
Management 30.94
Supply Chain 30.43
Culture 30.29
Smart Cities 40.89
Mergers and Acquisitions 30.47
Digital Disruption 30.14

Industry Experience

Consumer Products
Financial Services & Banking
Healthcare
High Tech & Electronics
Higher Education & Research
Manufacturing
Media
Other
Professional Services
Retail
Telecommunications

Please signin or signup to view publication section.

Publications

9 Advisory Board Memberships
Cyber Security Initiative Strategic Council
Private Directors Association
December 22, 2020
I am very excited to join with esteemed cybersecurity colleagues on Private Directions Association’s (PDA) Cyber Security Initiative Strategic Council. Our charter is to drive timely and relevant communications to the board member community.

See publication

Tags: Cybersecurity

EC-Council International Advisory Board for CISOs
LinkedIn
May 20, 2020
I am excited to join the prestigious ranks of EC-Council’s International Advisory Board for CISOs. EC-Council is a leader in providing training, sharing knowledge, and being a resource for cybersecurity professionals. The advisory board collaborates to share best practices, emerging challenges, and opportunities for CISOs to better protect their organizations in alignment with overall business goals.

See publication

Tags: Cybersecurity, Leadership

Helping Academia Succeed So Cybersecurity Can Thrive
LinkedIn
April 10, 2020
Thrilled to announce that I am joining the Advisory Board for the University of Phoenix, College of Business and Information Technology! Academia plays a crucial role in fulfilling the staffing needs for the growing cybersecurity industry! We must all play a role to help prepare the next generation of professionals.

See publication

Tags: Cybersecurity

Matthew Rosenquist Joins the Eclipz Advisory Board to make the World of Connected Data More Secure
LinkedIn
September 04, 2019
It is my honor to join the Advisory Board of Eclipz; a cybersecurity innovator focused on securing data in transit, even on untrusted endpoints. Hardening digital communications from hackers and eavesdropping are crucial for security, privacy, and trust.
https://www.eclipz.io/

See publication

Tags: Business Strategy, Cybersecurity, Startups

Matthew Rosenquist Joins the Advisory Board for the Techno Security & Digital Forensics Conference
LinkedIn
August 15, 2019
I am excited to announce I have accepted a position on the Techno Security & Digital Forensics Conference Advisory Board. I am honored to be part of this team to help drive education, awareness, training, and ethics across the digital forensics and cybersecurity industries. I strongly believe professionals should contribute to the growth of the field by influencing, sharing knowledge, connecting others and pursuing beneficial ideas for greater impacts.
https://www.technosecurity.us/ca/about-us/2020-advisory-board

See publication

Tags: Business Strategy, Cybersecurity, Leadership

Contributing to the SIA Education @ ISC Advisory Board
LinkedIn
May 30, 2018
I was just asked to extend my role as an Advisory Board member on the SIA Education @ ISC Advisory Board for an additional year.

SIA Education program at the ISC West security conference has grown into a respected resource for education in the industry, attracting over 1100 participants at ISC West 2018. I have enjoyed being part of this group for several years and thoroughly enjoyed presenting keynotes for the converged security event in 2016 and 2017.

See publication

Tags: Business Strategy, Cybersecurity, Edtech

Joint Task Force on Cybersecurity Education
NIST
December 31, 2017
The Joint Task Force on Cybersecurity Education (JTF) was launched in September 2015 with the purpose of developing comprehensive curricular guidance in cybersecurity education that will support future program development and associated educational efforts. The Curriculum Guidelines for Post-Secondary
Degree Programs in Cybersecurity was published in 2017.

See publication

Tags: Cybersecurity, Leadership

Honored to Join the HMG CISO Advisory Board!
LinkedIn
September 12, 2016
I am excited to join the HMG CISO Advisory Board. I am humbled to be a part of this outstanding group of information security leaders. The HMG Strategy network provides c-suite executives the opportunity to experience global thought-leadership, a social community of face-to-face networking, access to a Research and Resource Center, and a number of summits around the country to bring together champions to secure the future of enterprises.

See publication

Tags: Business Strategy, Cybersecurity, Leadership

Brandeis University Graduate Professional Studies Advisory Board Member
Brandeis University
June 01, 2015
Matthew Rosenquist joined the Brandeis University Graduate Professional Studies (GPS) Advisory Board for Information Security Leadership, Committee for the Master of Science in Information Security, in 2015. Matthew has remained an active member of the board and will continue serving this important role through 2020 to help advise Brandeis in maintaining the very best graduate program to produce elite cybersecurity leaders.

See publication

Tags: Business Strategy, Cybersecurity, Leadership

87 Article/Blogs
Success Criteria for Ending Ransomware
LinkedIn
July 16, 2021
Stopping ransomware from being an impactful menace is the grand goal, but what are the specific criteria for success we should be striving for? Without clear objectives, we are often consumed with trivial aspects and never attain the desired end-state.

See publication

Tags: Cybersecurity, Leadership, Business Strategy

Reevaluating the Work-Life Balance
Medium.com
May 03, 2021
My priorities are my family then my Cybersecurity career. However, I recently noticed that for more than a year, I have not taken a day off. I always make time for my children and wife, but I am also doing work, research, consulting, writing articles, producing videos, or speaking at events every day.

See publication

Tags: Cybersecurity, Privacy

Cybersecurity is Not Reaching its Full Potential
Medium
April 22, 2021
Cybersecurity has evolved with the rapid rise of digital transformation, becoming a crucial element of trust for products and services. No longer just a function of preventing impacts and meeting regulatory requirements, cybersecurity is emerging as a cornerstone for future enhancement of user-experiences, compelling features, and growth into new fields.

See publication

Tags: Cybersecurity, Privacy, Risk Management

We Must Crush Digital Misinformation Before It Destroys Society
Medium
April 19, 2021
Digital communication is connecting people around the globe with tremendous benefits, but is also being misused in terrible ways that take advantage of the community. We are bombarded by misinformation posing as facts, leading to terrible fractures, victimization, and grief to the detriment of individuals and society as a whole.

See publication

Tags: Cybersecurity, Social, Leadership

HMG CISO Executive Leadership Summit
Medium
February 21, 2021
I am looking forward to speaking at the upcoming HMGLive CISO executive leadership event!
I encourage all cybersecurity leaders to attend and interact. This is how we build teamwork, communicate challenges, and share best practices.

See publication

Tags: Cybersecurity, Leadership

Building Smart Cities of the Future Takes a Team of Experts
Medium
February 18, 2021
Today I am honored to join the World Smart Cities Economic Development Commission Advisory Board of the World Business Angels Investment Forum (WBAF), a partner of the G20 Global Partnership for Financial Inclusion (GPFI), to support job growth, digital inclusion, and social justice worldwide.

See publication

Tags: Cybersecurity, Privacy, Smart Cities

More Supply-Chain Cyberattacks are in the Wind
LinkedIn
February 17, 2021
It appears France is the main victim for this recent attack which has several uncanny similarities to the SolarWinds exploitation that exposed thousands of U.S. government agencies, critical infrastructure organizations, and major businesses. Let me be absolutely clear (again), that these attacks have been active for years and will continue to increase in pace, scope, and boldness! According to the French cybersecurity agency Agence Nationale de la sécurité des systèmes d’information (ANSSI), this attack may have begun back in 2017.

See publication

Tags: Cybersecurity, Supply Chain

Rise in Whistleblowing Signals the Need for Formal CyberEthics
Medium
February 16, 2021
Times are changing and whistleblowing is on the rise. People are more empowered to challenge unethical situations in the workplace. Getting ahead can help manage the risks and be used to improve, identify, and resolve caustic situations before they get out of hand.

See publication

Tags: Cybersecurity

Safety Risks Rise Due to Critical Infrastructure Cyber Attacks
LinkedIn
February 09, 2021
The recent attempt by malicious hackers to poison a Florida city water supply, highlights the public risks and exposure of critical infrastructures. Luckily, this incident was detected by an observant technician and mitigated before people were hurt, but it could have turned out far worse.

See publication

Tags: Cybersecurity, Digital Transformation, Leadership

Apple’s CEO Superbly Articulates How Privacy Need Not be Sacrificed for Technology
Medium
February 08, 2021
Tim Cook, CEO of Apple, in a speech at the Brussels’ International Data Privacy Day event, beautifully articulated how technology does not need to undermine privacy.

See publication

Tags: Cybersecurity, Privacy

Another Creepy Case of Hackers Watching People in their Homes
Medium
February 01, 2021
Protect yourself from creepy hackers that watch people on their home cameras.
When it comes to cameras installed inside of homes, there is always a risk of someone else gaining access and watching over you!

See publication

Tags: Cybersecurity, Privacy

Falsely Vilifying Cryptocurrency in the Name of Cybersecurity
Medium
January 31, 2021
I get frustrated by shortsighted perceptions, which are misleading and dangerous is far easier to vilify something people don’t fully understand.

Here is another article, titled Bitcoin is Aiding the Ransomware Industry, published by Coindesk, implying cryptocurrency is the cause of digital crime.

See publication

Tags: Blockchain, Cryptocurrency, Cybersecurity

U.S. the 4th Worst Privacy Offender for Government Collection of Biometric Data
LinkedIn
January 28, 2021
Researchers ranked 96 countries by their collection and use of biometric data. Biometrics are gathered and stored as part of international travel, banking, law enforcement, healthcare tracking, and general surveillance by governments.

See publication

Tags: Cybersecurity, Leadership, Privacy

New U.S. Cybersecurity Leadership Needs More Experience Diversity
Medium
January 25, 2021
President Biden has been quick to name a number of cybersecurity leadership positions, to greatly strengthen the nations capabilities, but there are concerns with the diversity of experience.

See publication

Tags: Cybersecurity

WhatsApp Still Needs to Prove it is Trustworthy
Medium
January 17, 2021
In the aftermath of WhatsApp’s privacy notification to users, that they will again be sharing data with Facebook, there is still a lack of clarity. I see a lot of statements from WhatsApp and general chatter regarding what data they will NOT be sharing. But I have yet to find any specificity on what exact data they WILL be sharing with Facebook. That is very strange and seems misdirecting.

See publication

Tags: Cybersecurity, Privacy

Law Enforcement is Seduced by Big Cybercrime Cases
Medium
January 07, 2021
Some important aspects are changing in law enforcement, when it comes to cybercrime.
In today’s video I look at the social aspects within the law enforcement community, the criminal evolution of cybercrime, and the resulting changes in behaviors that are driving fundamental improvements to cybercrime investigations around the globe.

See publication

Tags: Cryptocurrency, Cybersecurity, Privacy

China Seizes $4B in Cryptocurrency from Scammers
Medium
December 01, 2020
Governments can still pursue cybercriminals and fraudsters who use cryptocurrency. China authorities have seized over 4 billion dollars worth of Bitcoin, Ethereum, and several other cryptocurrencies as part of a crackdown on the PlusToken scheme that defrauded over 2 million people. This seizure has been approved by the courts after the ringleaders were convicted of Ponzi-type fraud.

See publication

Tags: Cryptocurrency, Cybersecurity

Police Cameras are Providing Facial Recognition Tracking to Criminals in Moscow
Medium
November 17, 2020
Criminals are offering stalking services, through the use of Moscow’s camera system, to identify and track people for $200. Customers provide a picture and the criminals will return a report of where that person has been, where they frequent, and more. Apparently, the data is being gleaned from the police facial recognition camera system, that includes over 100,000 cameras positioned to watch the city.

See publication

Tags: Cybersecurity, Privacy

U.S. Dept of Justice seizes $1 billion in Bitcoin
LinkedIn
November 10, 2020
A billion-dollar mystery has been solved. Cryptocurrency watchers were stunned when they recently saw a billion dollars of Bitcoin being moved from a very old account that has been inactive for years.

The mystery was solved as the U.S. Department of Justice unsealed court filings related to the Ross Ulbricht 2015 Silk Road case. Ulbricht, who ran the infamous dark-web site Silk Road, was convicted and his bitcoin assets seized. But before they all could be grabbed, a hacker stole 70k bitcoins from Ulbricht's accounts. As they say, there is little honor among thieves. At the time it was worth a few hundred thousand dollars, but now it has appreciated to a billion dollars!

See publication

Tags: Cryptocurrency, Cybersecurity, Management

Managing IoT Data Security Risks: The Need to Secure Data in Modern Computing
CISO MAG
October 20, 2020
The demands to defend the information on edge devices have reached a new pinnacle and continues to grow beyond what current capabilities can handle. Legacy cybersecurity systems that ensure the confidentiality, integrity, availability and the proper use of data from edge devices are not sufficient for the growing scale of the Internet of Things (IoT) and Industrial IoT (IIoT). Innovation in technology and process is needed to deliver the robustness necessary to defend against a world of ever-evolving cyber threats.

See publication

Tags: Cybersecurity, IoT, Leadership

Should Governments be Responsible for Protecting the Internet?
Medium
October 13, 2020
Does society want governments to take on the role of protecting the Internet? Should the Internet be considered a Critical Infrastructure and therefore be overseen by governments? Will such actions undermine privacy and liberty or will it be demanded by citizens to protect personal access and online security?

See publication

Tags: Cybersecurity, Privacy

Microsoft’s New Tactics Disrupts Trickbot Ransomware
Medium
October 13, 2020
Microsoft and partners have taken down the Trickbot ransomware infrastructure. That is a temporary relief, as the cybercriminals will soon adapt. The bigger picture is how the Microsoft Digital Crimes Unit (DCU) has created a template and partnerships to better target and disrupt future malware campaigns!

See publication

Tags: Cybersecurity

Leveraging culture for better cybersecurity?
Medium
October 05, 2020
Join the free webinar on Oct 28th 10am PST to listen to the panel discuss how culture can contribute or destroy cybersecurity!
Colleagues Jack Roehrig, Theo Nasser, and myself will be discussing the importance of weaving a positive cyber culture into organizations as part of a greater set of best-practices for effective cyber strategy.

See publication

Tags: Cybersecurity

We Don’t Want IoT Cybersecurity Regulations
Medium
September 21, 2020
It simply makes no sense to call for IoT devices to be certified safe-and-secure. Before you get bent out of shape, hear me out.

Regulations are unwieldy blunt instruments, best left as a last resort. Cybersecurity regulations are not nimble, tend to be outdated the day they are instituted, and become a lowest-common-threshold for an industry to follow. This stifles security innovation and the application of best practices. On the upside, regulations do force industries that have ignored basic security practices to meet a common standard. But history has shown those industries rarely go any farther than the regulatory requirements. All the data breaches we see in the news every week, almost all of those organization are compliant with regulations, yet they are losing data records by the billions. Compliance does not equal security!

See publication

Tags: Cybersecurity, IoT

Beware of Unified Cybersecurity Solutions Claiming to Help CISO's
CISO Platform
September 17, 2020
Many security vendors developing products to unify solutions into a single management interface. I fear this is just a sales tactic to gain greater market share and not intended to help the plight of CISO’s

See publication

Tags: Cybersecurity

Painful IoT Security Lessons Highlighted by a Digital Padlock
LinkedIn
September 15, 2020
The first warning sign was “hackproof” in the 360Lock marketing materials. As it turns out, with no surprise to any security professional, the NFC and Bluetooth enabled padlock proved to be anything but secure.

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

EC-Council Free Online Event for Cybersecurity Skills Development
Medium
September 12, 2020
EC-Council is announcing the #TheNextBigThingInCyber skills development in a free online event on Sept 16th 9:30am EST. EC-Council’s CEO, Jay Bavisi will discuss what it means to Humanize firewalls, build a new era of ethical hackers, empower cyber defenders, and the importance of great penetration testers.

See publication

Tags: Cybersecurity, Edtech

Intel patches 9 vulnerabilities in their management platform
Medium
September 12, 2020
Intel has released patches for several security vulnerabilities in their Active Management Technology (AMT) and Intel Standard Manageability (ISM) platforms. One of them was a critical flaw in AMT that allowed remote privilege escalation CVE-2020–8758

See publication

Tags: Cybersecurity, Risk Management, Supply Chain

Defenders show up to the war on deepfakes
Medium
September 04, 2020
Digitally altered and synthetic media are becoming more of a problem. Openly available tools, including AI Deep Learning, enable the easy modification of pictures and videos for distribution on the Internet. Most are benign; clearing up acne, improving image lighting, creating a funny meme, or perhaps narrowing a waistline for aesthetic reasons. More disturbing is the generation of videos of known personalities, making them appear to make caustic statements or take part in inappropriate activities. These fakes have appeared in political posts, social satire, news media, and pornographic material. Motivations are sometimes for humor, vanity, vindictiveness, or to sway public viewpoints.

See publication

Tags: AI, Cybersecurity, Privacy

Google to offer AI Ethics services to others?
Medium
September 01, 2020
AI Ethics are very relevant and growing in importance as the world embraces artificial intelligence systems.
Google has announced it will it will launch new AI ethics service by the end of the year to help others with tricky ethical challenges involving AI.

See publication

Tags: AI, Cybersecurity, Privacy

Smart Cities Keynote: Security and Privacy After 2020
Medium
September 01, 2020
I am looking forward to a great keynote conversation and Q&A session about the new normal for digital security & privacy of smart cities. As our cities embrace digital technologies to extend and improve services to its citizens, it is important to weave in security and privacy controls to reinforce trust.

Come join my co-speakers Marcelo Peredo, the CISO of the City of San Jose, and Zulfikar Ramzan, the CTO of RSA, as we discuss the evolving cybersecurity challenges and opportunities beyond 2020.

See publication

Tags: Cybersecurity, Privacy, Smart Cities

Sacramento Opens Cybersecurity Opportunities for Covid Displaced Workers
Uptrennd
August 28, 2020
City of Sacramento is leading the way and showcasing how public/private partnerships can help the community and make the digital world safer for everyone! This is a great template for other communities to retrain Covid-19 displaced workers for a career in cybersecurity.

See publication

Tags: COVID19, Cybersecurity

How privacy can decrease safety
HelpNetSecurity
August 03, 2020
Online anonymity can undermine accountability and enable victimization. A balance needs to be struck. The second article of a 2 part series between Matthew Rosenquist and Lisa Thee explores the complexities of digital privacy and outlines some U.S. focused recommendations.

See publication

Tags: Cybersecurity, Privacy

What is privacy and why does it matter?
HelpNetSecurity
July 28, 2020
Privacy is a basic right and a necessary protection in the digital age to avoid victimization and manipulation.

See publication

Tags: Cybersecurity, Privacy

What are are the Top 5 CISO Frustrations?
CISO Platform
July 25, 2020
I was recently asked an interesting question: What are are the Top 5 CISO frustrations with the cybersecurity industry?

After a few minutes of deep thought, this is what I came up with.

See publication

Tags: Cybersecurity

Digital privacy: A double-edged sword
HelpNetSecurity
July 21, 2020
igital privacy is paramount to the global community, but it must be balanced against the proliferation of digital-first crimes, including child sexual abuse, human trafficking, hate crimes, government suppression, and identity theft. The more the world connects with each other, the greater the tension between maintaining privacy and protecting those who could be victimized.

See publication

Tags: Cybersecurity, Privacy, Social

The 10 Worst Cybersecurity Strategies
Medium
July 16, 2020
Counting down to the absolutely worst cybersecurity strategies. Sadly, these are all prevalent in the industry. Many organizations have failed spectacularly simply because they chose to follow a long-term path that leads to disaster.

See publication

Tags: Cybersecurity, Leadership, Risk Management

Will AI rescue the world from the impending doom of cyber-attacks or be the cause
mc.ai
July 08, 2020
There has been a good deal of publicized chatter about impending cyberattacks at an unprecedented scale and how Artificial Intelligence (AI) could help stop them. Not surprisingly much of the discussion is led by AI vendors in the cybersecurity space. Although they have a vested interest in raising an alarm, they do have a point. But it is only half the story.

See publication

Tags: AI, Cybersecurity

Teaching AI to be Evil with Unethical Data
Peerlyst
July 04, 2020
Artificial Intelligence has a weakness. Unethical training will result in an evil system. Now more than ever, we need a framework of AIEthics to ensure AI systems are created for the good of society.

See publication

Tags: AI, Cybersecurity, Emerging Technology

Profiling White-Hat Vulnerability Researchers
Medium.com
June 26, 2020
Bugcrowd has released some interesting survey data that provides insights into the white- hat vulnerability researcher community.

See publication

Tags: Cybersecurity

Killer Drones to be Available on the Global Arms Markets
Medium.com
June 24, 2020
Turkey may be the first customer for the Kargu series of weaponized suicide drones specifically developed for military use. These semi-autonomous devices have been in development since 2017 and will eventually be upgraded to operate collectively as an autonomous swarm to conduct mass synchronized attacks.

See publication

Tags: AI, Cybersecurity, Autonomous Vehicles

Intel Designs Chips to Protect from ROP Attacks
Medium
June 16, 2020
It looks like Intel Corporation's Control-Flow Enforcement Technology (CET) will finally be making into products. If it works and is adopted, it should disrupt ROP hacks.

See publication

Tags: Cybersecurity, Emerging Technology

Curiosity Labs Opens Free Test-Track for Autonomous Vehicle Innovation
Medium.com
June 05, 2020
Enabling better security, privacy, and safety

It is always nice to see projects that are open and free to use, to advance technology in secure, private, and safe ways. Curiosity Labs provides startups and established companies a no-cost real-world testing infrastructure to innovate smart city and transportation technologies.



See publication

Tags: Cybersecurity, Autonomous Vehicles, Smart Cities

Misunderstanding the Economic Factors of Cybercrime
Medium.com
May 30, 2020
A new study by Cambridge Cybercrime Centre titled Cybercrime is (often) boring: maintaining the infrastructure of cybercrime economies concludes that cybercrime is boring and recommends authorities change their strategy to highlight the tedium in order to dissuade the growth of cybercrime.

See publication

Tags: Cybersecurity

10 Areas of Change in Cybersecurity for 2020
Medium
May 11, 2020
Cybersecurity in 2020 will be evolutionary but not revolutionary. Although there is always change and churn, much of the foundational drivers remain relatively stable. Attacks in the next 12 months are likely to persist in ways already known but taking it up-a-notch and that will lead to a steady escalation between attackers and defenders.

See publication

Tags: AI, Cybersecurity, Privacy

Pivot to Telehealth Brings New Benefits and Risks
LinkedIn
April 27, 2020
Innovations in healthcare bring great benefits but also new risks to security, privacy, and safety.

See publication

Tags: Cybersecurity, Healthtech, Privacy

Preventing a Product Security Crisis
LinkedIn
April 17, 2020
How did Zoom end up in crisis? More importantly, how can these lessons help other businesses avoid a major product security crisis that drives customers away and creates a massive opportunity for competitors consume market share?

See publication

Tags: Cybersecurity, Privacy, Risk Management

Zoom in crisis: How to respond and manage product security incidents
HelpNetSecurity
April 15, 2020
Zoom is in crisis mode, facing grave and very public concerns regarding the trust in management’s commitment for secure products, the respect for user privacy, the honesty of its marketing, and the design decisions that preserve a positive user experience. Managing the crisis will be a major factor in determining Zoom’s future.

See publication

Tags: Cybersecurity, Privacy, Risk Management

My Pursuit Intensifies to Secure Digital Technology
linkedin
April 01, 2020
For over 30 years I have continually sought-out new professional challenges, been enticed at opportunities to overcome near-impossible obstacles, and have taken on new roles to further the cybersecurity industry.

See publication

Tags: Cybersecurity, Privacy

Cryptocurrency Fraud Reached $4.3 Billion in 2019
LinkedIn
February 18, 2020
Cryptocurrency fraud is aggressively on the rise and topped over $4 billion last year and is shocking to those who thought they had found an incredible investment in the cryptocurrency world, yet were swindled out of everything.

See publication

Tags: Cryptocurrency, Cybersecurity

There is No Easy Fix to AI Privacy Problems
Semiwiki.com
February 08, 2020
Artificial intelligence – more specifically, the machine learning (ML) subset of AI - has a number of privacy problems.

See publication

Tags: AI, Cybersecurity, Privacy

Avast Shuts Down its Data Sales Subsidiary Due to Privacy Backlash
CISO Platform
January 31, 2020
Avast was recently caught selling user's web browsing data. Shortly thereafter the CEO made an apology and announced they were ceasing the Jumpshot data collection activities and winding down company operations. It is time that privacy regulations improve. This situation is playing out again and again for freemium type services and only hints at the greater problem.

See publication

Tags: Big Data, Cybersecurity, Privacy

Privacy Day – Yes it Matters More than You Might Think
LinkedIn
January 28, 2020
Privacy matters to everyone! In fact, more than most people realize. It underpins the very nature of liberty and is a key pillar for online security. Celebrate Privacy Day, with a little more effort in protecting your personal data and supporting a digital world that respects privacy.

See publication

Tags: Cybersecurity, Privacy

Lessons from Microsoft’s 250 million data record exposure
HelpNetSecurity
January 24, 2020
Microsoft has one of the best security teams and capabilities of any organization in the technology industry, yet it accidentally exposed 250 million customer records in December 2019. As a former cyber incident commander for a major technology corporation, I can see a number of important lessons to be learned.

See publication

Tags: Cybersecurity, Leadership

There is no easy fix to AI privacy problems
HelpNetSecurity
January 23, 2020
Artificial intelligence – more specifically, the machine learning (ML) subset of AI – has a number of privacy problems.

See publication

Tags: AI, Cybersecurity, Privacy

Banks are Developing Digital Currencies and Opening Themselves to Cyber Risk
LinkedIn
December 31, 2019
Cybersecurity will be hard pressed to take on the new challenges of bank managed digital currencies. Banks are developing their own digital currencies. The introduction of Central Bank Digital Currencies (CBDC) is the beginning of an interesting trend that will change the cybersecurity dynamic for banking as it opens up an entirely new threat landscape.

See publication

Tags: Blockchain, Cybersecurity, Fintech

The 7 most dangerous digital technology trends
HelpNetSecurity
December 10, 2019
As our world embraces a digital transformation, innovative technologies bring greater opportunities, cost efficiencies, abilities to scale globally, and entirely new service capabilities to enrich the lives of people globally. But there is a catch. For every opportunity, there is a risk.

See publication

Tags: AI, Cybersecurity, Privacy

Cryptocurrency Exchange Hacks are on the Rise
Medium
December 09, 2019
Seven major cryptocurrency exchanges were victimized in 2019, totaling over $160 million in financial theft. As predicted, cybercriminal hackers targeted crypto exchanges in 2019 and the trend will continue into 2020.

See publication

Tags: Cryptocurrency, Cybersecurity, Privacy

Hackers Scan Massive Docker Instances to Mine Crypto
LinkedIn
November 27, 2019
Hackers are at it again, looking for vulnerable Docker instances so they can selfishly mine Monero.

See publication

Tags: Cryptocurrency, Cybersecurity

AI Based Defensive Systems Impact on Cybercriminal Strategy
PenTest Magazine
November 08, 2019
Good guys are working at a fever pitch to create pre-emptive adversarial attack models to find AI vulnerabilities. But threat actors are working just as fast to develop threats and have the resources (aka money) to build powerful cyber weapons. Who will win this race against time?

Some of California’s top security minds came together during National Cybersecurity Awareness Month to discuss the role of Artificial Intelligence (AI) in cybersecurity. Leading experts from both the private and public sectors joined our Inteligenca Cyber Salon to discuss both the promise and concern about AI. No doubt we heard during this talk that AI is controversial.

See publication

Tags: AI, Cybersecurity, Risk Management

Hacking Phones: How law Enforcement is Saving Privacy
DarkReading
October 30, 2019
In the battle between privacy and security, technology can bridge the gap allowing a healthy balance. We must not fear technology, but rather purposefully wield it in better ways with clear goals of benefits and limitations for abuse.

Here is my latest article, posted on Dark Reading, discussing one such path that may raise concerns with privacy advocates at first glance, but could result in a strategic win for everyone's privacy and security, except criminals.

See publication

Tags: Cybersecurity, Govtech, Privacy

Major Drone Attack Against Global Oil Production Showcases Weak Cybersecurity Thinking
LinkedIn
September 16, 2019
We are entering a new era for conflict that brings with it a synthesis of cyber and physical security that increases global safety risks. Attacks with connected technology, Internet-of-Things (IoT) devices, and Industrial IoT components are ramping up, now attaining levels with serious consequences. The cybersecurity industry is not prepared. It is time we revisit the deeper discussion of converged cybersecurity!

See publication

Tags: Cybersecurity, Digital Transformation, IoT

Criminals Luring in Bitcoin Sellers to Launder Money
LinkedIn
September 13, 2019
With the lure of big cash rewards, cybercriminals are luring-in the bitcoin community to become money laundering mules. This does not end well for anyone except the criminals.

See publication

Tags: Cryptocurrency, Cybersecurity, Social

Matthew Rosenquist Joins the Eclipz Advisory Board to make the World of Connected Data More Secure
LinkedIn
September 04, 2019
I am excited to announce that I am joining the Advisory Board of Eclipz! Such a great team working to make the connected world of data more secure across devices, services and even between untrusted endpoints.

See publication

Tags: Cybersecurity, Emerging Technology, Startups

NATO’s Collective Defense for Cyber Attack Remains Fragile
LinkedIn
September 03, 2019
NATO is far from implementing "collective defense"​ for cyber-attacks. Much work is still to be done before Article 5 is an effective deterrent.

See publication

Tags: Cybersecurity, Govtech, Leadership

Cryptocurrencies Should be Enabled to Blacklist Criminal Holdings
LinkedIn
August 28, 2019
Cryptocurrencies like Bitcoin are heavily targeted and exploited by cybercriminals. There may be something that can be done to assist law enforcement in revocating illicit assets, aid victims, and still preserve the fierce independence autonomy of public blockchain cryptocurrencies.

See publication

Tags: Cryptocurrency, Cybersecurity, Innovation

Do Not Pay Ransomware – A Lesson for Municipalities
Medium
August 19, 2019
Ransomware is getting worse, in part because victims are paying. Poor decisions of certain municipalities is having an impact on their peers. Stop paying criminals! They will be back, stronger than before.

See publication

Tags: Cybersecurity, Govtech

Joining the Advisory Board for the Techno Security & Digital Forensics Conference
LinkedIn
August 15, 2019
I am excited to announce I have accepted a position on the Techno Security & Digital Forensics Conference Advisory Board. I am honored to be part of this team to help drive education, awareness, training, and ethics across the digital forensics and cybersecurity industries.

See publication

Tags: Cryptocurrency, Cybersecurity, Digital Transformation

Binance Cryptocurrency Exchange Refuses to Pay Blackmailers Over a Possible Data Breach
LinkedIn
August 08, 2019
A blackmailer attempted to extort $3.5 million from the Binance cryptocurrency exchange, stating they would release confidential KYC (Know Your Customer) data. Binance has refused to pay the demands and is working with law enforcement to track down the cyber criminals.

See publication

Tags: Cryptocurrency, Cybersecurity, Privacy

Insider Threats in the Digital World are Sinister
LinkedIn
August 07, 2019
The compromise of AT&T is another example of the serious risks posed by insider threats. In this case an external attacker leverages the access and authority of internal people through bribes. Especially in digital environments, trusted insiders have incredible potential to do harm, cause disruption, and undermine trust. They are the submerged part of the cyber risk iceberg that we all must deal with.

See publication

Tags: Cybersecurity, Risk Management

Does Home Depot Respect Customer Privacy?
LinkedIn
July 29, 2019
Raising an issue with the privacy practices at HomeDepot. Why are they unnecessarily gathering personal information of its customers? A privacy savvy community should raise and amplify such issues to drive change.

See publication

Tags: Customer Experience, Cybersecurity, Privacy

Cryptocurrency Exchanges are Cyber Hackers Next Targets
LinkedIn
July 22, 2019
Where will online criminal hackers look next? Cryptocurrency. There are already hacks going on, but this will ramp up significantly as some of the more highly competent criminals are targeting cryptocurrency exchanges.

See publication

Tags: Cryptocurrency, Cybersecurity, Risk Management

Top 10 Things You Should Be Doing to Protect from Cyberattacks
LinkedIn
July 15, 2019
I get asked all the time for a quick answer to the question “How can I protect myself from getting attacked online?”. The simplified answer is to follow these Top 10 best practices.

See publication

Tags: Cybersecurity

Fight for Digital Privacy Rights Continue in Tech-Focused California
LinkedIn
June 27, 2019
The tech heartland of California is the latest battleground for privacy rights. Big tech companies are fighting to dilute upcoming legislation that will require more privacy protections. But is it enough? No! We need even better protections, accountability, and transparency of how our personal data is handled. This is the moment when ethical tech giants can either stand-up to do the right thing by leading the charge for the betterment of their users or lawyer-up to allow hidden practices, abuses, obfuscation, and deniability to continue for their financial gain.

See publication

Tags: Big Data, Cybersecurity, Privacy

Should Exploit Code be Published When Vulnerabilities are Made Public?
linkedin
April 18, 2019
On the heels of a recent report from Kaspersky Labs, discussions among security professionals have been stirred-up regarding the risks of publishing proof-of-concept code that may be helping hackers more than benefiting security. The topic has history and continues to be vigorously debated.

See publication

Tags: Cybersecurity, Privacy

Invitation to Innovators for Voting Technology Security
linkedin
April 15, 2019
Protecting our election infrastructure is crucial, yet security is lacking. Meaningful change starts with the spark of a great idea. I am looking forward to listening to all the excellent concepts for election security at the upcoming event in Sacramento CA. As India is now in the midst of having 900+ million people vote, we too need to figure a way to leverage digital tools for our democracy in a secure, private, trustworthy, and attestable way.

See publication

Tags: Cybersecurity

Role of the CISO: Top 3 Questions
linkedin
February 15, 2019
The role of Chief Information Security Officers (CISO) is evolving and requires a complex skill set. Long perceived as cost center that constrains the business in order to reduce losses from cyberattacks and to meet regulatory compliance, cybersecurity is now transforming into a critical function that must contribute to overall competitiveness.

See publication

Tags: Cybersecurity

Open Letter to the FTC – Bureau of Consumer Protection
linkedin
January 29, 2019
In December 2018 the FTC held hearings on Competition and consumer Protection in the 21st Century. A number of people spoke at the event and the FTC has graciously opened the discussion to public comments. The Federal Trade Commission has interest, certain responsibilities, and can affect changes to how data security evolves. This is our opportunity for the public to share its thoughts and concerns. I urge everyone to comment and provide your viewpoints and expertise to the FTC committee. Comments can be submitted electronically no later than March 13, 2019.

See publication

Tags: Cybersecurity, Privacy

When the Wrong Person Leads Cybersecurity
linkedin
November 19, 2018
Succeeding at managing cybersecurity risks is tremendously difficult even for seasoned professionals. To make situations worse, poorly suited people are often chosen to lead security organizations, bringing about disastrous results. This has contributed to weaker risk postures for organizations and the rapid turnover in cybersecurity leadership.

See publication

Tags: Cybersecurity, Privacy

Technology Transformation for 2019
linkedin
November 15, 2018
Digital technology continues to connect and enrich the lives of people all over the globe and is transforming the tools of everyday life, but there are risks accompanying the tremendous benefits. Entire markets are committed and reliant on digital tools. The entertainment, communications, socialization, and many others sectors are heavily intertwined with digital services and devices that society is readily consuming and embracing. More importantly, the normal downstream model for information has transformed into a bi-directional channel as individuals now represent a vast source of data, both in content as well as telemetry. These and many other factors align to accelerate our adoption and mold our expectations of how technology can make a better world.

See publication

Tags: Cybersecurity, Privacy

Should Companies be Allowed to ‘Hack Back’ after a Cyberattack
linkedin
September 30, 2018
Government officials and experts are weighing in on the concept of ‘hacking back’, the practice of potentially allowing U.S. companies to track down cyber attackers and retaliate.

See publication

Tags: Cybersecurity, Privacy

Beware Friendly Botnets
linkedin
September 18, 2018
The recently discovered Fbot, which finds systems infected with crypto-coin mining malware and scrubs them clean, may seem like a champion of good, but remember it is entering your system without your permission and modifying code and deleting files. We have seen other such ‘cleaner’ worms in the past, and the best advice is to be wary.

See publication

Tags: Cybersecurity, Privacy

“Unhackable” Product Claims are a Fiasco Waiting to Happen
linkedin
August 17, 2018
Those who think that that technology can be made ‘unhackable’, don't comprehend the overall challenges and likely don't understand what 'hacked' means.

See publication

Tags: Cybersecurity, Privacy

Slowing Innovation Should be a Cybersecurity Violation
linkedin
August 04, 2018
Risks come in many forms. Going too fast, being reckless, taking chances, etc. are easy to recognize warning signs. But what about the other end of the spectrum? Is going too slow ever bad? I say yes, especially when it unnecessarily impedes productivity, innovation, operational logistics and intentionally creates frustration of users.

See publication

Tags: Cybersecurity, Privacy

Cybersecurity Fails without Strategy
LinkedIn
July 17, 2018
Building and running a cybersecurity organization is a daunting task and most aren’t doing very well. The brutal reality is that the industry is struggling. Even as gains are made in the professional community, losses are skyrocketing in the face of security spending that is increasing to astronomical levels. Some estimates place losses to cybercrime alone at $6 trillion by 2021, doubling from $3 trillion in 2015, while security spending will top $1 trillion with expected double digit annual growth. These losses exceed the global illegal drug market and the security investment burden increases at an unsustainable rate. Even with massive investments over the years, the world continues to hemorrhage losses due to cyber-attacks. These damages are derived from individual organizations that have failed to erect and maintain viable defenses.

Companies in regulated industries and larger businesses will typically invest in an internal team to actively manage the cyber risks with a Chief Information Security Officer (CISO) at the helm. The current incarnation of the CISO position has not really been in widespread use for very long and the role has radically changed over the years. Where they report within the organization, what background and skills they possess, their overall responsibilities, and the desired experience for which they are hired varies wildly from one CISO to the next. The traditional CISO role focuses on protecting company assets, including preserving reputation, preventing downtime, securing data and financial assets, and ensuring regulatory compliance. But some companies are also using the CISO role as an external marketing ambassador to fuel visibility and drum up customers. So, in today’s world it is a mixed bag. Consequently, security teams are managed very differently and there is a major performance gap that needs to be addressed.

See publication

Tags: Cybersecurity, Leadership, Risk Management

Mylobot Showcases the Evolution of Modern Malware
linkedin
June 21, 2018
The recently discovered Mylobot aggregates 9 sophisticated features, highlighting how advanced malware is evolving. Stealth capabilities make it difficult for security tools to detect and protection aspects preserve its functionality over time.

See publication

Tags: Cybersecurity, Privacy

Cybersecurity Fails without Strategy
linkedin
June 17, 2018
Building and running a cybersecurity organization is a daunting task and most aren’t doing very well. The brutal reality is that the industry is struggling. Even as gains are made in the professional community, losses are skyrocketing in the face of security spending that is increasing to astronomical levels. Some estimates place losses to cybercrime alone at $6 trillion by 2021, doubling from $3 trillion in 2015, while security spending will top $1 trillion with expected double digit annual growth. These losses exceed the global illegal drug market and the security investment burden increases at an unsustainable rate. Even with massive investments over the years, the world continues to hemorrhage losses due to cyber-attacks. These damages are derived from individual organizations that have failed to erect and maintain viable defenses.

See publication

Tags: Cybersecurity, Privacy

4 Influencer Awards
Received a 2021 Global Leadership Award
Medium.com
May 20, 2021
It is as beautiful as is it meaningful. My sincerest thanks to those who nominated and bestowed this award. It shows how thought-leaders and top executives are elevating their respect for the importance of cybersecurity within their organization and across the global digital landscape. I am proud to represent cybersecurity and accept.

See publication

Tags: Cybersecurity, Leadership, Privacy

Top Writer in Privacy by Medium
Medium
December 09, 2019
Honored to be named by Medium as one of the Top Writers in Privacy! Congrats to the entire list; a community that recognizes the importance and is actively championing the rights of privacy for all.

There can be no liberty without privacy!

https://medium.com/tag/privacy/top-writers

See publication

Tags: Cybersecurity, Privacy

2019 ADA award for Outstanding Leadership in Protecting People’s Information
Adaptable Security
October 05, 2019
I am truly grateful for being recognized with a 2019 ADA award for Outstanding Leadership in Protecting People’s Information. Bestowed during the Cybersecurity Symposium for Smart Cities 2019, where a tremendous community came together to discuss the challenges, risks, and opportunities facing smart cities.

See publication

Tags: Cybersecurity, Leadership, Smart Cities

LinkedIn Top Voices 2018: Technology
LinkedIn
November 13, 2018
These are the 10 must-know writers and creators explaining everything from artificial intelligence to battling cyber threats.

See publication

Tags: Cybersecurity, Leadership

6 Keynotes
Matthew Rosenquist speaking at the Intel Cybersecurity Education Workshop
YouTube
September 12, 2019
Intel's cybersecurity strategist Matthew Rosenquist speaks at the educators' workshop on the industry challenges and academic needs for the next generation of cybersecurity professionals. Cybersecurity is challenging and graduating students must possess an increasing set of skills and perspectives in order to be successful. Matthew Rosenquist covers the growing risks, changes, and aspects of the digital security industry and provides a plan on how it must evolve with the help of educators.

See publication

Tags: Cybersecurity, Future of Work, Risk Management

Make America Secure Again - Pitch Event
Inteligenca
May 23, 2019
Cybersecurity innovation at its finest! It was my pleasure to moderate and be a panelist at the Make America Secure Again event in Sacramento, where innovators pitched ideas to strengthen the security of America's digital voting systems.

Protecting our election infrastructure is crucial, yet security is lacking. Meaningful change starts with the spark of a great idea. California again shows how it can reach out to the pool of great innovators to seek a variety of solutions for cybersecurity challenges. We must all work together to find ways of managing cyber risks. Outreach and innovation is key.

See publication

Tags: Cybersecurity, IoT, Leadership

The Verification of Truth: The Future of Digital Forensics and its Role in Cybersecurity
2019 Techno Security and Digital Forensics Conference
March 11, 2019
As the world embraces digital services and automation of critical systems, understanding risk, attributing actions, and deciphering attack methods will be crucial to the proliferation of connected technology. Trust is key, but transparency is greatly obscured. Forensics will grow to become the verification of truth and will play an ever-increasing role in understanding responsibility and controlling the dissemination of Fear, Uncertainty, and Doubt through actuarial data. Let’s explore the new areas, challenges, and opportunities for the bright future of digital forensics

See publication

Tags: Cybersecurity

Cybersecurity Risks and Recommendations – Where Your Focus Needs to Be
http://www.securitysystemsnews.com/blog/psa-tec-wrap
May 10, 2017
Technology convergence across cyber and physical security is driving change. Protection will evolve to include digital security, physical safety, and personal privacy.

See publication

Tags: Cybersecurity

How Cyber-Attacks are Changing the Expectations of Security, Privacy, and Safety
2017 ISC West conference
April 06, 2016
Cyber-attacks are an ever increasing problem that reaches out from the digital domain and into the physical world to impact the security, privacy and safety of people, businesses, and governments. The rapid growth of technology adoption and connectivity are driving new opportunities for attackers at an accelerating rate. The result is a radical shift in expectations by consumers and organizations for more comprehensive solutions, streamlined oversight, and clear accountability.

See publication

Tags: Cybersecurity, Privacy, Risk Management

Diversity in Cybersecurity Education
2016 ICT Educator Conference
January 07, 2016
The cybersecurity industry needs more people with greater diversity to fill the growing number of open positions. Intel is very active with internal corporate diversity efforts, establishing strong pipelines, and investing in diverse partners. Additionally, Intel is contributing to the formalization of cyber science degree standards to align educational programs to market demands.

See publication

Tags: Cybersecurity, HR, Diversity and Inclusion

18 Media Interviews
Future of Offensive Attack Simulation: Strategies, Tools, and Techniques
CISO Platform
November 24, 2020
In our recent Fireside chat episode in association with FireCompass, between Matthew Rosenquist, CISO Eclipz, and Bikash Barai, Co-Founder, FireCompass, we discussed a bunch of things related to the cybersecurity practices that are gaining momentum and about what the future holds.

See publication

Tags: Cybersecurity

How DevOps and Security Can Work Together
Endpoint.tanium.com
November 18, 2020
Software developers and security pros need to overcome their differences. It’s harder than it sounds, but best practices are emerging.

See publication

Tags: Cybersecurity

2020 Cyber Innovators Summit: Future Threat Panel
The Cyber Institute YouTube Channel
October 31, 2020
Future Cybersecurity Threats In 2021 & Beyond. Matthew Rosenquist, the Chief Information Security Officer (CISO) for Eclipz.io, a Cybersecurity Strategist, and an industry advisor speaks at the 2020 Cyber Innovators Summit's Future Threat panel.

See publication

Tags: Cybersecurity

The Role of Cyber Culture in a Cyber Strategy
RightHand Cybersecurity
October 29, 2020
Watch the recorded webinar "The Role of Cyber Culture in a Cyber Strategy". John (Jack) Roehrig, CISO at Turnitin, and Matthew Rosenquist, CISO and Cybersecurity Strategist at Eclipz.io, share insights on how to incorporate Cyber Culture as part of an organization's Cyber Strategy.

See publication

Tags: Cybersecurity

Podcast: From Reactive To Proactive — The Evolution Of Security And Of The CISO Role | With Matthew Rosenquist
ITSP Magazine
September 16, 2020
EPISODE SUMMARY
Once upon a time —not that long ago—the Information Security field had no rules, definitions, tools, or framework, and it was a new frontier to be discovered and conquered. Now, looking back, we sure have come a long way.

See publication

Tags: Cybersecurity, Leadership, Risk Management

The Only 2 Kinds of Cybersecurity Victims
Innovation Nation Podcast
August 11, 2020
We’re all working from home not thinking about cybercriminals at all.

They’re thinking about us, though.

In this very first episode of Innovation Nation, I interview Matthew Rosenquist, CISO at Eclipz.io, about cybercrime in the time of COVID-19.

What we talked about:

Hardware vs. software vs. wetware (people)
We’re vulnerable during quarantine not because technology but our behaviors
Cybersecurity issues that SMBs need to consider with IOT
Security fears that we have & education that we need

See publication

Tags: Cybersecurity, Privacy, Startups

What's next in Cybersecurity - and how SMEs can protect themselves - Episode #20
TÜV SÜD Safety First podcast
July 31, 2020
In this episode, Matthew Rosenquist, an internationally renowned US-American cybersecurity expert, shares his views on the new normal in cyber security with a special look at SMEs. All too often they are still an easy target for attackers. But with a few basic measures they can protect themselves more effectively. And this is not primarily a question of expensive IT technology.

See publication

Tags: Cybersecurity, Management, Risk Management

Crucial Tech, by Lou Covey - Matthew Rosenquist talks ethics, facial recognition and the potential benefits of AI
Crucial Tech
July 06, 2020
Matthew Rosenquist talks ethics, facial recognition and the potential benefits of AI. He provides an optimistic view of AI ethics and facial recognition, but we are still further than some might think from a successful deployment in the west.

See publication

Tags: AI, Cybersecurity, Privacy

'Cyber Risk Leaders' Tell All @ The Global Virtual Book Club EP 2
YouTube
May 29, 2020
Join Carmen Marsh, CEO of Inteligenca, and 'Cyber Risk Leaders' Author, Shamane Tan as they sit down with featured Cyber Risk Leaders from the book to discuss current cyber security challenges and share from their industry experiences.

In this episode, we meet with Matthew Rosenquist, CISO at Eclipz.io Inc in California who will be talking about the Artificial Intelligence's impact on Cyber Security Strategy.

AI is a tremendously powerful tool that is evolving at a ridiculous rate and being leveraged by both cyber attackers and defenders. It will radically change the cybersecurity strategies that protect our digital world.

See publication

Tags: AI, Cybersecurity

Cybersecurity Issues and Trends - Interview with CybxSecurity
CybxSecurity.com
March 24, 2020
My recent interview with Mark Byrne, from Cybx Security, covered a great range of cybersecurity questions, including new threats and solutions, Artificial Intelligence, DevSecOps, cybercrime, security impacts of Coronavirus, and the future of cybersecurity.

See publication

Tags: Cybersecurity, Risk Management, COVID19

The Entanglement of AI and Cybersecurity Podcast
linkedin
March 10, 2020
The boundaries of cybersecurity will be manipulated by the advances in Artificial Intelligence, the evolution of digital threats, and on ever-adapting leadership.

I had a great time being interviewed by Vaishali Lambe [Lisha] in her podcast SoLeadSaturday because we talked about how cybersecurity and AI are intertwined, how leadership is crucial, and the fact that technology tools are being used for both good and malicious purposes. The growing demands for a security-savvy workforce led us to explore the vast opportunities in the field. Emerging factors magnify the interesting swirls of competing challenges. To cap the discussion, we visualized the future of the industry and discussed the risks.

See publication

Tags: AI, Cybersecurity, Leadership

Past and Future Challenges for Security: ThinkTech Interviews Cybersecurity Strategist Matthew Rosenquist
ThinkTech: Hawaii
December 10, 2019
A look back at some of the missteps in 2019 across the convergence of cyber and physical security, with discussions on what challenges are ahead for the next year.

Thanks to Andrew Lanning for hosting me as a guest on the ThinkTech livestream show! Great questions and unscripted dialog about the evolving risks and opportunities of Artificial Intelligence, privacy, cybercrime, automation, and connected devices. Security matters!

Watch on YouTube: https://youtu.be/KQjuHVc3lbM

See publication

Tags: AI, Cybersecurity, Privacy

Thinkers360 Predictions Series – 2020 Predictions for Cybersecurity
Thinkers360
November 25, 2019
Having recently published our Top 50 Global Thought Leaders and Influencers on Cybersecurity, we asked a selection of our Thinkers360 global influencers about their predictions for Cybersecurity in 2020. Here’s what they told us…

See publication

Tags: Cybersecurity, Digital Transformation, Predictive Analytics

Humans, complacency, ignorance delay AV deployment
EEWeb
November 05, 2019
We have a long way to go before we see autonomous vehicles on the roads in any number

Is the autonomous vehicle (AV) going to be widely distributed in our lifetimes? Sure, just as soon as you eliminate human involvement, complacency and ignorance (was that repetitive?) from development. Until then, AVs are just going to be a rarity on the roads.

See publication

Tags: AI, Cybersecurity, Autonomous Vehicles

Winning the security fight: Tips for organizations and CISOs
HelpNetSecurity
October 09, 2019
For large organizations looking to build a robust cybersecurity strategy, failure to get the fundamentals in place practically guarantees a disaster. If you ask Matthew Rosenquist, a former Cybersecurity Strategist for Intel (now independent), overcoming denial of risk, employing the right cybersecurity leader, and defining clear goals are the three most critical objectives for avoiding a negative outcome.

See publication

Tags: Cybersecurity, Leadership, Risk Management

SuperDataScience Podcast - SDS 273: Predict, Prevent, Detect: Cyber Security
SuperDataScience.com
June 26, 2019
In this episode of the SuperDataScience Podcast, I chat with Matthew Rosenquist, one of the top leading world experts in the space of cybersecurity. You will learn what balance in cybersecurity means and what the dark web is. You will hear how Matthew's career developed and how he thinks about the strategy of cybersecurity. You will also learn about the valuable role of data science in cybersecurity and the steps you can take to get into this space.

If you enjoyed this episode, check out show notes, resources, and more at www.superdatascience.com/273

See publication

Tags: Analytics, AI, Cybersecurity

Evolving Risks of Cybercrime with Matthew Rosenquist
podcasts.apple.com
June 07, 2019
The Innovators Behind DISRUPTION - Episode 27 by Evolve ETFs
Evolving Risks of Cybercrime with Matthew Rosenquist
- Growing systemic challenges in cybersecurity
- How the public sector can protect itself from cybercrime
- The NSA and its role in the recent Baltimore ransomware attack
- Opinions on Baltimore’s decision not to pay their cyber attackers
- CEOs recognizing cybersecurity as a major business risk
- Cybersecurity demand and spend
- Government concerns about cyber threats
- Advice on how to protect yourself from cyber attacks

See publication

Tags: Cybersecurity, Risk Management

Don't trust a company to keep you safe
Podcasts.apple.com
March 12, 2019
Interview of Matthew Rosenquist, Cybersecurity Strategist. Podcast by Lou Covey
A range of topics, including nation state attacks, data breaches, ransomware, Artificial Intelligence, dark web, and the perception of perfect security

See publication

Tags: AI, Cybersecurity, Privacy

11 Panels
2021 HMG Strategy Silicon Valley CISO Executive Leadership Summit
HMG Strategy
March 18, 2021
This panel will be discussing the #solarwinds breach, specifically the residual after-effects. Our #cybersecurity industry is going to shift again! Don't miss it.
March 18th 10am-1pm Pacific time
Executives only, attendance is free
Register here: https://lnkd.in/gjszR-p

See publication

Tags: Cybersecurity, Leadership, Business Strategy

Speaking at the HMG Atlanta Virtual CIO Summit
Medium.com
February 28, 2021
Leaders in the industry deliver world class insights and best practices for management, technology, and career development.

See publication

Tags: Cybersecurity, Leadership, Privacy

The Role of Cyber Culture in a Cyber Strategy
RightHand Cybersecurity
October 26, 2020
In an effort to evangelize October's Cybersecurity Awareness Month, join us on Wednesday, 28 October at 10AM PST to hear from Cybersecurity leaders on the importance of incorporating Cyber Culture as part of your organization's Cyber Strategy, and best practices to effectively do so.

See publication

Tags: Culture, Cybersecurity, Leadership

Cybersecurity & IoT Showcase 2020 Panel Discussion: Why Sacramento is Ripe to be a Cybersecurity Hub
StartupSac
October 20, 2020
The panel discussion, Why Sacramento is Ripe to be a Cybersecurity Hub, was a lively and engaging discussion. Moderated by Carmen Marsh and featuring Malcolm Harkins, Matthew Rosenquist, and George Usi, the panel discussed a broad range of topics including:

Why would someone pick Sacramento to start a cybersecurity product or services company?
What advice would you give an aspiring entrepreneur looking for innovative ideas? Suggestions about the roadmap for innovators
Where should cyber startups look for business opportunities/ projects?
Where can people find resources to get started or to find support for their ideas?
Where can they find mentors?
Where to look and find a skilled workforce?

See publication

Tags: Cybersecurity, Startups

HMG Live! Silicon Valley CISO Executive Leadership Summit
Uptrennd
September 29, 2020
The CISO summit was a great virtual conference with insightful speakers. I had the pleasure of moderating the "Securing the Future of Work" panel, which begins at 1:43:34, with Rahul Kashyap CEO Awake Security, Lamont Orange CISO Netskope, and Laura Whitt-Winyard, CISO DLL Group.

The panel of experts shared their advice on how CISOs can drive success in securing the future of work. We discussed the challenges, valuable steps forward, and the greatest opportunity CISO should pursue.

See publication

Tags: Cybersecurity, Leadership

Expert Panel Discusses Cybersecurity in the New Normal
CISO Platform
June 10, 2020
Watch panelists Chris Roberts, G. Mark Hardy, and Matthew Rosenquist at VShield 2020

I had the honor to be on a distinguished panel with the incredibly knowledgeable G. Mark Hardy and the infamous white-hat hacker Chris Roberts. We discussed the evolution of cyber resilience, agility, and innovation in these troubling times.

Watch the panel as we discuss the following topics:
- Is Covid-19 a turning point for cybersecurity?
- Are Insider Threats increasing with the shift to remote workforces?
- Are trusted employees still the greatest threat? How can security help improve employee behaviors?
- Privacy: is it a government, business, or societal problem? What is the responsible approach? Should tech companies be compelled to unlock user devices, build-in backdoors, or use weak encryption algorithms?
- Are Bug Bounty programs good or evil for technology?
- How important is IoT security? Are the emerging risks being addressed or ignored across transportation, critical infrastructure, and government agencies?
- Nation States – will the cold war intensify?
- How will hardware and firmware insecurity for critical infrastructure play out? Where are the risks?
- What are the most important emerging topics in cybersecurity!

See publication

Tags: Cybersecurity, Privacy, COVID19

VShield 2020 Cybersecurity Conference
Medium
May 20, 2020
I have the honor of being on the Cyber Resilience, Agility and Innovation in the New Normal panel with the distinguished and infamous G.Mark Hardy and Chris Roberts. We will be discussing a wide range of cybersecurity topics that impact every digital citizen on the planet!

See publication

Tags: Cybersecurity, Emerging Technology, Privacy

Modern Successful SOC & Artificial Intelligence round-table
Cybersecurity Symposium for Smart Cities 2019
October 05, 2019
It was my honor to lead a round-table of superstars at the Cybersecurity Symposium for Smart Cities 2019. Talking about how cryptocurrency has become the economic vehicle of choice by cybercriminals and how the emerging AI revolution can both aid Security Operations, but also enhance the threats.

The digital revolution is an arms race where we must all work together to keep pace with the evolving attackers. A truly outstanding discussion with this group of luminaries and terrific audience participation!

Thanks to Sabrina Yuan Co-Founder & COO of SecuritAI, Joanna Hu Data Science Manager at Exabeam, and Dr. Victor Fang Founder and CEO of AnChain.ai

See publication

Tags: AI, Cybersecurity, Smart Cities

Shared Pain Points & Opportunities for Secure Smart Cities
Cybersecurity Symposium for Smart Cities 2019
October 05, 2019
Had a great time moderating a smashing panel at the Cybersecurity Symposium for Smart Cities 2019. Great insights from our CIO’s, standards, and best practices experts in identifying critical aspects for cities! Much thanks to Linda Gerull, Liza Massey, Olaf Gerd Gemin, and Jerry Cox

See publication

Tags: Cybersecurity, Digital Transformation, Smart Cities

Ransomware: The Not-So Good, Really Bad, and Truly Ugly!
SecureWorld
August 18, 2018
RECORDED LIVE ON AUGUST 28, 2018 — WATCH ON-DEMAND
Ransomware is spreading at an alarming pace and infecting networks across all industries and company sizes, primarily through phishing attacks. The cyber criminals behind the attacks are furiously innovating and keeping ahead of defenses. In this web conference, we will have an interactive discussion on the latest in ransomware threats and how to best protect your organization and yourself against this growing threat.

This session will educate attendees about the newest features of ransomware strains designed to evade detection and spread in new and creative ways. It will also cover recent attacks and how the victim organizations could have better protected themselves.

The session will examine:
• Current phishing trends
• Ransomware and how it is infecting networks
• Effective mitigation strategies
• Recovering from an attack

See publication

Tags: Cybersecurity

Harnessing Cyber-Physical Security Technologies
Cyber: Secured Forum (cybersecuredforum.com)
June 05, 2018
A great panel discussion, led by Ray Coulombe of Security Specifiers, with Donal Keating from Microsoft and Jeff Crume of IBM. As the audience is a strong mix of both physical and cyber security professionals, we will discuss how the convergence of technology across both domains will rapidly change to open up new opportunities and risks. Expect topics around Internet-of-Things (IoT), Artificial Intelligence (AI), and blockchain to be discussed by the panel and open questions from the audience.

See publication

Tags: AI, Cybersecurity, IoT

1 Patent
Hardware-generated dynamic identifier
US Patent Office
June 29, 2017
In an example, there is disclosed an electronic apparatus, comprising: a hardware-encoded internal private key; and one or more logic elements comprising a key generation engine to: receive an third-party key; and operate on the third-party key and the internal private key to generate a hardware-generated dynamic identifier (HGDI). There is also disclosed a method of providing an HGDI engine, and one or more computer-readable mediums having stored thereon executable instructions for providing an HGDI.

See publication

Tags: Cybersecurity, Innovation

2 Podcasts
Good Data Morning Show — LIVE!
Medium
March 02, 2021
Looking forward to discussing emerging cybersecurity challenges on the Good Data Morning Show, LIVE on LinkedIn and YouTube! April 2nd 11am ET (8am Pacific)
How safe are we in the digital world as an individual and as a company?

See publication

Tags: Cybersecurity

Focus of Cybersecurity is to Manage Digital Risk
Medium.com
February 24, 2021
I had such a great time talking about the challenges, chaos, and importance of cybersecurity to preserve trust in digital technology.

See publication

Tags: Cybersecurity, Risk Management

4 Quotes
Can Google’s New AI Ethics Service Be Of Any Help?
Analytics India Magazine
September 03, 2020
With biases in algorithms becoming a prime concern for companies, Google’s cloud division has come out with their new AI Ethics Services for helping in AI solutions. Planning to launch it by the end of this year, the tech giant, according to the news, will be offering its AI ethics services to companies who are working on AI projects.

See publication

Tags: AI, Cybersecurity, Privacy

Demystifying Internet of Things Security: Successful IoT Device/Edge and Platform Security Deployment
Apress Open
January 01, 2020
Break down the misconceptions of the Internet of Things by examining the different security building blocks available in Intel Architecture (IA) based IoT platforms. This open access book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth.

Authors quote Matthew Rosenquist which reference the cybersecurity goals of organizations are to find a balance between risks, costs, and user experience.

ISBN-13: 978-1484228951
ISBN-10: 1484228952

See publication

Tags: Cybersecurity

Confident Data Skills: How to Work with Data and Futureproof Your Career
Kogan Page Limited
January 01, 2020
Data has dramatically changed how our world works. Understanding and using data is now one of the most transferable and desirable skills.

Author quotes Matthew Rosenquist regarding his position on the aggregation of data across platforms is very dangerous.


ISBN-13: 978-1789664386
ISBN-10: 1789664381

See publication

Tags: Big Data

Wireless Health: Remaking of Medicine by Pervasive Technologies
AuthorHouse
November 01, 2014
This book teaches the fundamental and practical knowledge necessary to advance wireless health technology and applications.

Author cites a paper of combined work from David Houlding, Tim Casey and Matthew Rosenquist "Improving healthcare Risk Assessments to maximize Security Budgets" Feb 2012

ISBN: 978-1-4969-3414-7

See publication

Tags: Healthtech

5 Speaking Engagements
HMG Live! CISO Virtual Summit
Medium
August 20, 2020
Mark your calendars. The HMG Live! Silicon Valley CISO Virtual Summit, on Aug 25th 10am Pacific, is a conference for #cybersecurity professionals interested in the latest perspectives on the shifting risks and opportunities of future business

See publication

Tags: Cybersecurity, Future of Work

Evolving Risks of Cybercrime with Matthew Rosenquist podcast
https://evolveetfs.com/podcasts/
June 07, 2019
Interviewed by Raj Lala, the CEO at Evolve ETFs in his podcast The Innovators Behind Disruption. In the
"Evolving Risks of Cybercrime with Matthew Rosenquist" episode, we covered a number of interesting topics, including the growing challenges in cybersecurity, rise in cybercrime, challenges of ransomware, what governments are worried about, and how to protect yourself.

See publication

Tags: Cybersecurity, Fintech, Risk Management

Cyber/Physical Convergence
2017 InfraGard Atlanta conference
January 18, 2017
Matthew Rosenquist's presentation at the 2017 InfraGard Atlanta conference, discussing the convergence between cyber and physical security.

See publication

Tags: Cybersecurity, Risk Management

The True Cost of Data Breaches - Not Just a Dollar per Record
CyberEd.io
March 22, 2016
When an organization suffers a data breach, a number of challenges, impacts, and business decisions contribute to the total of all the associated costs. The scope extends beyond a fixed dollar-per-stolen-record calculation, as it invariably includes expenditures for new security measures, legal fees, third-party forensic services, changes to business processes, as well as a loss of reputation and customer goodwill.

There is a complex set of chain reactions which occur after every significant data breach, each adding its own contribution to the overall cost and business impact.

In this session we'll discuss some real-world experiences regarding data breaches, how the costs exceed the typical dollar-per-record measure, and how organizations are adapting to learn from their experiences. We will also examine what the future holds, as attackers adapt and shift towards new data manipulation methods.

See publication

Tags: Cybersecurity, Risk Management

Upgrading to an APT-Capable Defense: Where To Start, How To Get Funding And See Immediate Reduction In Risk
Cybered.io
February 26, 2016
A complete defense cannot be deployed overnight. There are multiple people, process and technology components to consider and implement. In this session, we will help identify where and how resources can be focused to have the biggest immediate risk reduction, discuss lessons learned from real-world deployments and learn how to gain executive sponsorship of the program as a whole, to build momentum and help guarantee success.

See publication

Tags: Cybersecurity

54 Videos
Why REvil Ransomware Group Suddenly Disappeared
Medium
July 20, 2021
The notorious REvil ransomware cybercriminal group suddenly disappeared without explanation, spurring lots of speculation in the cybersecurity community. In this week’s video, we go over the results of a recent poll among security professionals that revealed what they believed was behind the REvil’s disappearance and if they will be back.

See publication

Tags: Cybersecurity

Ransomware Explained — Ending Ransomware
Medium
July 16, 2021
Stopping ransomware from being an impactful menace is the grand goal, but what are the specific criteria for success we should be striving for? Without clear objectives, we are often consumed with trivial aspects and never attain the desired end-state.

See publication

Tags: Cybersecurity

Ransomware Explained — 3 Fundamental Ways to Stop Cyberattacks
Medium
July 07, 2021
There are only 3 fundamental ways to stop attacks from motivated and intelligent adversaries.
Let’s identify and explore those options, and discuss how they may be applied to undermine Ransomware.
This video is the latest installment of a multi-part series on Ransomware. The series is free on the Cybersecurity Insights YouTube Channel.

See publication

Tags: Cybersecurity

Ransomware Cybersecurity Fireside Chat
Medium
June 29, 2021

See publication

Tags: Cybersecurity, Privacy, Risk Management

Ransomware Explained — Understanding the Attackers
Medium
June 24, 2021
Understanding the attackers is the first step in identifying an effective, efficient, and sustainable paths to mitigating the risks of ransomware.

See publication

Tags: Cybersecurity, Privacy

Ransomware Explained Video Series
Medium
June 09, 2021
Ransomware is a rising threat to every organization, device, and person connected to the Internet. All the products, services, and critical infrastructures are at risk of being victimized. We are all being impacted by this type of cybercrime and it is only the beginning.

See publication

Tags: Cybersecurity, Risk Management

2 Biggest Factors Driving the Future of Cybersecurity
YouTube
June 03, 2021
Cybersecurity can appear random and chaotic, but there are basic fundamentals that drive the course of cyberattacks.

In today’s video, I dive into the two biggest factors that shape cybersecurity risks, attacks, and what drives the direction of the security industry.

See publication

Tags: Cybersecurity, Social, Business Strategy

Paying Ransomware Should be Illegal
Medium
May 26, 2021
Ransomware is a growing problem that must be STOPPED! Cybercriminals are accumulating fortunes by impacting individuals, businesses, critical systems, and digital services. Some victims are paying ransoms in the tens of millions of dollars.

See publication

Tags: Cryptocurrency, Cybersecurity

The Colonial Pipeline Cyberattack Might be Good for America
Medium
May 17, 2021
The Colonial Pipeline ransomware attack, that caused fear of fuel shortages on the US East Coast, might be exactly what the nation needed to improve Critical Infrastructure security!

See publication

Tags: Cybersecurity, Privacy

Top 10 Things the Industry Can Do Now to Mitigate Digital Supply-Chain Attacks!
Medium
May 11, 2021
The SolarWinds and Exchange supply-chain attacks have highlighted how vulnerable 3rd party and vendor security is for every organization.

See publication

Tags: Cybersecurity, Supply Chain

Where Should a CISO Report Into?
Medium
May 03, 2021
Where should a CISO report into within an organization? No common standard exists as we can find them operating under many different organizations, including IT, Legal, the CTO, and CEO just to name a few.

See publication

Tags: Cybersecurity, Management, Risk Management

What’s Broken with M&A Cybersecurity
Medium
April 26, 2021
Cybersecurity for Mergers and Acquisitions is a mess. There are a surprising number of significant unforeseen risks that can wreak havoc on M&A deals. In this week’s fireside chat, I am joined by Justin Daniels, General Counsel/Cybersecurity/Data Protection SME at Baker Donelson, and Alex Rayter, Principal at Phoenix 2.0 Inc, to discuss the due diligence, risks, and recommendations to better understand and manage the challenges.

See publication

Tags: Cybersecurity, Privacy, Mergers and Acquisitions

Good and Bad of Google’s Project Zero Vulnerability Disclosure Changes
Medium
April 19, 2021
Google’s infamous Project Zero vulnerability research team recently announced it is changing its disclosure policy to be more friendly to product vendors. But is that good for cybersecurity?

See publication

Tags: Cybersecurity, Privacy

Zoom Critical Vulnerability Discovered
Medium.com
April 12, 2021
A new vulnerability has been discovered in the popular Zoom online conferencing tool that allows an attacker complete remote control over the targeted system, without any involvement by the user. As vulnerabilities go, this is pretty bad. But there is some very good news about this exploit.

See publication

Tags: Cybersecurity, Privacy

Stopping the Runaway Ransomware Epidemic
Medium.com
April 06, 2021
I see many government politicians positioning a ban of cryptocurrency as a solution for ransomware. That would simply not world. It would create an obstacle for cybercriminals, but one they would pursue to overcome. At most, it would be a temporary setback for cybercriminals.

See publication

Tags: Cryptocurrency, Cybersecurity, Privacy

Chaining Exploits are Taking Vulnerabilities to a New Level
Medium
March 30, 2021
Cyberattacks are leaping ahead in sophistication and the industry is not prepared.
As an example, Google Project Zero team recently detected attackers that exploited a combination of seven previously unknown vulnerabilities (0-days) to hack fully patched Windows, Android, and IOS systems.

See publication

Tags: Cybersecurity, Privacy

A Simple Solution to Crush Digital Misinformation
YouTube
March 22, 2021
Digital communication is connecting people around the globe with tremendous benefits, but is also being misused in terrible ways that take advantage of the community.

See publication

Tags: Cybersecurity, Digital Transformation, Privacy

DeepFakes — the Digital Future of Forgery
Medium
March 18, 2021
DeepFake technology is readily accessible and rapidly increasing in its capabilities. It will be used for both entertainment and malicious activities. In today’s short video I talk about some of the misuse we are already seeing and how there are counter-efforts to identify deepfakes.

See publication

Tags: Cybersecurity, Privacy

Cyber Threats Porting Malware to Apple Chips
Medium
March 10, 2021
Cyber threats are adapting their malware to work on new Apple chips that will power their products. The shift to a multi-architecture design will allow attackers to target the next generation of Apple systems and potentially exploit any discovered vulnerabilities.

See publication

Tags: Cybersecurity, Privacy, Risk Management

What SMB’s need to know about Cybersecurity
Medium
March 08, 2021
Small and medium businesses aren’t paying attention when it comes to cybersecurity. They are being targeted. Even with limited resources SMB’s can greatly improve their cyber defense. Many free resources are available that identify good practices to bolster cybersecurity of any sized organization.

See publication

Tags: Cybersecurity, Privacy, Risk Management

Who do Executives Blame for Cybersecurity Failures?
Medium
March 03, 2021
My rant in response to the former CEO of SolarWinds pointing the finger of blame at an intern in an attempt to redirect cybersecurity responsibility, highlights a lack of understanding and accountability within the c-suite.

See publication

Tags: Cybersecurity, Leadership, Risk Management

Nation State Cybercriminals are a Risk to Everyone
Medium.com
March 01, 2021
Most nation-state activities are focused on intelligence gathering, political manipulation, interference with critical infrastructure, and subverting military capabilities. These indirectly affect everyone, but don’t represent a direct threat to everyday citizens.

See publication

Tags: Cybersecurity, Risk Management

Not Paying Ransomware is the Only Way We All Win
Medium.com
February 22, 2021
Ransomware is on the rise because cybercriminals are being rewarded. Those who are impacted have been paying the ransoms, thereby funding and encouraging attackers to expand and target others.

See publication

Tags: Cybersecurity, Risk Management

If I Were a Nation-State Hacker Looking to Conduct Supply Chain Attacks
Medium
February 10, 2021
Cyber threats are racing to find and exploit the next big Supply-Chain hack. Compromises like that of SolarWinds represent a tectonic shift in the Cybersecurity world, where the compromise of a single software supplier can expose all their customers for victimization by attackers.

See publication

Tags: Cybersecurity, Privacy, Risk Management

Top 3 Missions of a CISO
Medium
February 03, 2021
Every Chief Information Security Officer should have a strategic plan that defines the key deliverables to enable success.

See publication

Tags: Cybersecurity, Edtech, Privacy

Cautious Optimism and Grave Concerns as Intel Integrates Cybereason into Chips
Medium
January 27, 2021
Intel and Cybereason just announced that they are working to integrate Cybereason to collect data from hardware to software levels, with the goal of protecting users from ransomware.

See publication

Tags: Cybersecurity

Finding the Next SolarWinds Type of Supply Chain Attack
Medium
January 20, 2021
The SolarWinds compromise showed that supply-chain attacks are possible and the ramifications can be tremendously impactful. Other nation states will be investing in efforts to duplicate this success. That makes IT tools, security products, hardware & firmware vendors, and cloud service providers prime targets for exploitation.

See publication

Tags: Cybersecurity, Supply Chain

Cybersecurity Value is About Protecting Intangible Assets
Medium.com
January 14, 2021
Intangibles now account for 90% of the S&P’s total assets and it is no accident that the core of cybersecurity has evolved to protect those aspects of the business. It is a natural progression for security to align with protecting the most important assets. This is a crucial element when communicating the value and relevance to audiences.

See publication

Tags: Cybersecurity, Leadership, Risk Management

Why are Cybersecurity Roles Confusing
Medium.com
January 11, 2021
The cybersecurity field is dynamic and the roles and responsibilities are ever changing. People coming into the cybersecurity field often expect clearly defined positions and are surprised at the significant variance when looking at job descriptions or talking with professionals.

See publication

Tags: Cybersecurity, Management, Privacy

The CISO Dilemma - When Leadership Ignores Risks
YouTube
December 24, 2020
What should a CISO do when the executive leadership chooses to ignore critical cyber risks? If the C-Suite and board are well informed of imperative vulnerabilities and yet choose a path to ignore security, the CISO is put in a position where they are incapable of effectively managing risk, yet still responsible when incidents occur.

Let’s break down the problem, from what a CISO must do, how people disposition risks, and finally the recommended actions.

See publication

Tags: Cybersecurity, Leadership, Risk Management

Objectives of Nation State Cyber Attackers
YouTube
December 21, 2020
It is important to look into the motivations of government orchestrated cyberattacks, such as SolarWinds, as understanding the threat-agent’s objectives can provide important insights to their long-term goals and potential next steps.

Today I discuss the 4 primary reasons why Nation States conduct cyber warfare activities and evaluate that against what we currently know of the SolarWinds hack to gain a better sense of the scale and strategic value to the infiltrators.

See publication

Tags: Cybersecurity

Leaders and Losers of the SolarWinds Hack
YouTube
December 20, 2020
The SolarWinds hack has had a significant ripple effect on the cybersecurity community, with over 18k organizations discovered to be severely vulnerable and at the mercy of nation-state hackers. The security community realized some of the biggest companies, most sensitive government agencies, and critical infrastructure were at risk. Some organizations have shown leadership, most have remained quiet, and a few have decided to take advantage of the fear to sell their wares and pursue profits.

Time to call out the leaders and deceivers.

See publication

Tags: Cybersecurity

Missing the Big Picture from the SolarWinds Hack
YouTube
December 15, 2020
The cybersecurity industry is consumed with scale and effectiveness of one of the biggest hacks in recent memory. The emerging narrative and stories are missing important pieces of the puzzle. The attackers, likely a nation-state, gained unprecedented access to the U.S. government, military, critical infrastructure, and most major businesses. The full scope and reasons are not clear, but it is imperative to figure out. The mystery must be solved, for the benefit of everyone, so we can prepare for what is next.

See publication

Tags: Cybersecurity

Evolution of Law Enforcement is Driving Changes Cryptocurrency
LinkedIn
December 14, 2020
There is an important transition that is happening with law enforcement’s adaptation to digital currencies. Authorities are seizing billions worth of criminal’s cryptocurrency and their improving skills are proving crypto is not the safe haven that criminals thought it to be.


See publication

Tags: Cryptocurrency, Cybersecurity

FireEye Hacked – A Stark Reminder of Cybersecurity Risks
YouTube
December 10, 2020
Even the best security organizations can be hacked! Watch my message to both the cybersecurity industry as well as those attackers that hacked FireEye and stole the RedTeam tools. This skirmish went to the hackers, but the battle continues.

See publication

Tags: Cybersecurity

Apple App Store Will Require Privacy Transparency
YouTube
December 07, 2020
Apple is instituting new privacy requirements, for all new applications being listed in the App Store, to enhance transparency and educate users. It is an important step, but additional measures are needed to ensure compliance.

See publication

Tags: Privacy

Why TrickBot Malware may be a Game Changer for Cybersecurity
YouTube
December 04, 2020
Cyber attackers continue to move down the compute stack with the latest variant of TrickBot now targeting firmware for malicious manipulations. This is when it gets serious.

See publication

Tags: Cybersecurity

Some Justice for Phone Scammers
YouTube
December 02, 2020
Some justice was delivered to the leader of a major phone scam ring based out of India. You are probably familiar with those spam calls that threaten money is owed to the IRS and if you don’t pay over-the-phone you will be arrested. Total scam. This criminal will be spending some quality time behind bars, thanks to the U.S Dept of Justice and international cooperation. A good day.

See publication

Tags: Cybersecurity

Top 3 Recommendations to Avoid Online Holiday Fraud and Scams
YouTube
December 01, 2020
The holidays are a time for increased online fraud and scams. All of us need to follow the best security practices to keep our holiday from turning into a digital disaster.

The Cybersecurity Infrastructure Security Agency (CISA.Gov) has some good tips for safe online shopping https://www.cisa.gov/shop-safely

See publication

Tags: Cybersecurity

Disable Amazon Sidewalk for Now
YouTube
November 25, 2020
Amazon is releasing their Sidewalk network feature that opens users home network to connect with neighbors that also have Amazon products like the Echo devices and Ring security cameras. Amazon is turning Sidewalk ON by DEFAULT! That is concerning. Such a network could enable a host of new capabilities but might also introduce new cyber risks to participants.

See publication

Tags: Cybersecurity

Intel in Denial of the Latest SGX Secure Enclave Vulnerability
YouTube
November 19, 2020
Another vulnerability and exploit named VoltPillager has been published for Intel Corporation's SGX security technology. The most disturbing aspect is not the vulnerability itself, but rather how Intel has responded to researchers and news outlets. Pure denial.

As a shareholder and former employee, I am gravely disappointed!

See publication

Tags: Cybersecurity

New Zealand Releases a Privacy Data Breach Self Test Tool
YouTube
November 16, 2020
The small country of New Zealand is showing great privacy leadership by releasing a tool to help businesses determine if a cybersecurity incident is considered a Data Breach.

See publication

Tags: Privacy

Inaccurate Predictions about Cybersecurity is Dangerous
Medium.com
November 12, 2020
I may offend some people, so for those who don’t want to hear my rant, skip this video.
Recent cybersecurity predictions aren’t just wrong, they are dangerous
I am disappointed in the recent comments that Michelle Zatlyn, the co-founder and COO of Cloudflare, made regarding the future of cybersecurity.
She stated Cybersecurity would be “a thing of the past the next decade” and that instead it will work like a water filtration system.
She is wrong. Dead wrong.


See publication

Tags: Cybersecurity

Deloitte's 'Test your Hacker IQ' Proves Vulnerable to being Hacked
YouTube
November 10, 2020
A website tied to an event that quizzed people on their hacking knowledge, launched by major a security consultancy firm, is itself vulnerable to being hacked. This incident showcases a number of important lessons for every organization that wants to avoid such embarrassment.

See publication

Tags: Cybersecurity

U.S. Dept of Justice seizes $1 billion in Bitcoin
YouTube
November 09, 2020
A billion-dollar mystery has been solved. Cryptocurrency watchers were stunned when they recently saw a billion dollars of #Bitcoin being moved from a very old account that has been inactive for years.

U.S. Dept of Justice unsealed court filings related to the Ross Ulbricht 2015 Silk Road case. This is momentous! Such a seizure puts most others to shame and it will likely drive some changes in law enforcement. In the video, I discuss how this case will change enforcement and criminal practices moving forward.

See publication

Tags: Cryptocurrency

Intel’s Secret Key to Decrypt Microcode Patches is Exposed
YouTube
November 02, 2020
Vulnerability researchers hacked Intel’s update process and captured the secret key that decrypts Intel microcode updates. This important finding exposes another layer of security that protects CPUs from malicious manipulations. Intel’s response downplays the true significance, seeking to pacify concerns, while ignoring the strategic implications.

See publication

Tags: Cybersecurity

Cybersecurity Awareness Month – Accept My Challenge
YouTube
October 25, 2020
October is Cybersecurity Awareness Month. It is a time to consider the risks we accept everyday when using computers and what we can do to better protect ourselves.

I have a challenge for each and every person. Something that will help people individually and everyone collectively.

See publication

Tags: Culture, Cybersecurity, Social

NSA Reveals the Top Vulnerabilities Exploited by China
YouTube
October 23, 2020
The U.S. National Security Agency knows which vulnerabilities China backed hackers are exploiting the most to gain access to sensitive data.

The Chinese state-sponsored information gathering engine is a vacuum when it comes to acquiring information from foreign companies and countries.

See publication

Tags: Cybersecurity, Risk Management

Charges Against Russian Nation-State Hackers Sends a Message
Medium
October 22, 2020
The U.S. Department of Justice filed charges against six Russian agents, identified as members of the APT group known as Sandworm. The unsealed documents reveal that the six suspects are all current or have former ties to the Russian foreign intelligence agency, the GRU. The charges outline how this group is supported and coordinated by the Russian government to conduct hacks against people and governments around the world, including taking down the Ukraine power network and unleashing NotPetya malware, one of the most damaging in history.

See publication

Tags: Cybersecurity, Govtech

Cyber Threats Enhance Phishing with AI and Worm Functions for Rapid Disruption
Medium
October 20, 2020
New phishing malware leverages Artificial Intelligence and worm functionality to rapidly spread to contacts of victims. By leveraging previously established relationships the malware can bypass technical controls and easily fool new targets into becoming infected.

See publication

Tags: AI, Cybersecurity

Apple T2 Chip Vulnerability Challenges the Industry
Intel Corp
October 18, 2020
Recent verified reports highlight exploitable vulnerabilities in Apple’s security chip that cannot be patched! The announcement adds to the growing concerns and shifting perceptions about hardware security.

See publication

Tags: Customer Experience, Cybersecurity, Privacy

Is Paying Ransomware Now Illegal?
Medium
October 16, 2020
Security experts say don’t pay ransomware, but now the U.S. Treasury Department is now declaring it illegal! Every company on the Internet must deal with the threat and emerging regulations.
Ransomware continues to be a growing problem because victims have been rewarding the attackers. If regulations expand, the option to pay-off the criminals will no longer be viable. We must address ransomware in a more proactive way. It is time to get focused and start thinking strategically.
Subscribe to my new YouTube channel for more Cybersecurity Insights, rants, news, and perspectives.


See publication

Tags: Cybersecurity

Microsoft's New Tactics Disrupts Trickbot Ransomware
YouTube
October 13, 2020
Microsoft and partners have taken down the Trickbot ransomware infrastructure. That is a temporary relief, as the cybercriminals will soon adapt. The bigger picture is how the Microsoft Digital Crimes Unit (DCU) has created a template and partnerships to better target and disrupt future malware campaigns!

See publication

Tags: Cybersecurity

Should Governments be Responsible for Protecting the Internet?
YouTube
October 12, 2020
Does society want governments to take on the role of protecting the Internet? Should the Internet be considered a Critical Infrastructure and therefore be overseen by governments? Will such actions undermine privacy and liberty or will it be demanded by citizens to protect personal access and online security?

See publication

Tags: Cybersecurity, Digital Transformation, Privacy

2 Webinars
The Next Disruption: Hybrid Working
HMG Strategy
June 10, 2021
When the pandemic hit, many of our lives were turned upside down, including how we work and how we live. Almost all face-to-face encounters are now being substituted by virtual communication with many of us doing our work at our kitchen table. We went through this dramatic shift in all areas of our lives at once – everything pivoted to a remote-first environment and for many of us this was a sudden and dramatic change. Zoom is looking at this stage as Building Forward with Confidence and we are working with clients to take what we knew worked pre-pandemic combined with what we learned during the pandemic and hopefully use that as a model building forward. Now we are looking at a second disruption: A reorganization of how we work, where we work from and when we work. What is that going to look like? How are the changes we created to continue our lives during the pandemic going to evolve? Please join us for a panel discussion with Gary Sorrentino, Zoom Global Deputy CIO and other C-level technology leaders on how we can all prepare for this next shift how we work.

See publication

Tags: Digital Disruption, Leadership, Future of Work

Webinar: The Role of Cyber Culture in a Cyber Strategy
YouTube
October 29, 2020
Watch the recorded version of the webinar "The Role of Cyber Culture in a Cyber Strategy". Our guest speakers Jack Roehrig, CISO at Turnitin, and Matthew Rosenquist, CISO at Eclipz, shared great insights on how to incorporate Cyber Culture as part of your organization's Cyber Strategy, and best practices to effectively do so.

See publication

Tags: Cybersecurity, Management, Business Strategy

1 Webinar
Future of Offensive Attack Simulation: Strategies, Tools & Techniques
Medium
November 18, 2020
A hack is executed every 39 seconds and impacts one in three Americans every year.
Join us in the discussion on Future of Offensive Attack Simulation: Strategies, Tools & Techniques with Bikash Barai and Matthew Rosenquist

See publication

Tags: Cybersecurity

3 Whitepapers
McAfee Labs 2017 Threats Predictions
McAfee
November 30, 2016
McAfee Labs explores top threats expected in the coming year.

Welcome to the McAfee Labs 2017 Threats Predictions
report. We have split this year’s report into two sections.
The first section digs into three very important topics,
looking at each through a long lens.

The second section makes specific predictions about
threats activity in 2017. Our predictions for next year
cover a wide range of threats, including ransomware,
vulnerabilities of all kinds, the use of threat intelligence
to improve defenses, and attacks on mobile devices.

See publication

Tags: Cybersecurity, Risk Management

Prioritizing Information Security Risks with Threat Agent Risk Assessment
Intel Corp
January 05, 2010
Matthew Rosenquist, while at Intel Corp developed a threat agent risk assessment (TARA) methodology that distills the immense number of possible information security attacks into a digest of only those exposures most likely to occur. This methodology identifies threat agents that are pursuing objectives which are reasonably attainable and could cause unsatisfactory losses to Intel.

It would be prohibitively expensive and impractical to defend every possible vulnerability. By using a predictive methodology to prioritize specific areas of concern, we can both proactively target the most critical exposures and efficiently apply our resources for maximum results. The TARA methodology identifies which threat agents pose the greatest risk, what they want to accomplish, and the likely methods they will employ. These methods are cross-referenced with existing vulnerabilities and controls to pinpoint the areas that are most exposed. Our security strategy then focuses on these areas to minimize efforts while maximizing effect.

See publication

Tags: Analytics, Cybersecurity, Risk Management

Defense In Depth Strategy Optimizes Security
Intel Corp
September 30, 2008
Matthew Rosenquist of Intel IT has developed a Defense-in-Depth strategy that optimizes security using interlocking predictions, prevention, detection, and response capabilities. We recognize that attackers are human opponents who constantly evolve new tactics and that it would be prohibitively expensive and near impossible to protect against every vulnerability. Our strategy uses prediction to gain insights into the most likely threats, attack methods, and targets. This allows a proactive and efficient focus of resources.

See publication

Tags: Cybersecurity, Innovation, Risk Management

Radar

2 Trends
Cybersecurity

Date : July 29, 2020

Digital technology connects and enriches the lives of everyone, but there are risks. Cybersecurity protects against the undesired risks of misuse for connected technology, specifically the undermining of confidentiality, integrity, and availability of computer based digital systems. The growth, adoption, and reliance on tech also elevates the risks.

See Radar

Digital Privacy

Date : July 29, 2020

As more data is collected, analyzed, correlated and share about individuals, the greater the risks that people will be victimized or their rights will be violated.

See Radar

1 Industry Scenario
Ransomware increase in Q2

Date : July 29, 2020

The industry report highlights the latest maneuvers from the Ransomware threats. Cyber criminals are showing bold moves and a growing sense of business negotiation savvy. They are becoming more professional.

See Radar

2 Predictions
2021 Predictions for Cybersecurity

Date : October 22, 2020

Cybercriminals focus on targeting the growing online digital economy causing considerable disruption and financial losses

As the usage, control, and flow of money transitions to digital financial services, online shopping, decentralized finance, and digital currencies, cybercriminals will greatly increase their attacks on these aspects of the digital economy to target financial assets.

Highly customized phishing, more creative impersonation attacks, DDoS extortion, digital exchange hacks, cryptocurrency fraud, and online credential theft will ramp to epidemic levels, forcing the development of new cybersecurity capabilities.

Governments will be spurred to explore new regulatory frameworks and to directly act in ways to protect citizens assets and activities. This will create more tension with the rise of privacy relevance and fears of government oversight.

- Matthew Rosenquist, CISO and Industry Cybersecurity Strategist, Eclipz.io

See Radar

2020 Predictions for Cybersecurity

Date : September 25, 2020

2020 Year of Enlightenment for Cybersecurity – It will become evident to the public that the worst impacts are not data breaches, but rather the trust in critical systems that underpin the activities of daily life. Outages against government services, public utility systems, financial services, retail and manufacturing industries, healthcare, communications, social and news media, and systems of democracy will be more severe and impactful to people. The attackers will be a mix of cybercriminals seeking financial gain, nation-states projecting policy, and radical groups pushing their agenda. Failures will be scattered across the globe. The scope and severity of attacks we will see in 2020 will drive the realization that we have reached a point where our everyday lives, now heavily reliant on the digital world, are tremendously vulnerable to cyber-attacks that can impact every person in so many new ways. Trust in technology will begin to be questioned by the public.

See Radar

Blog

Opportunities

1 Business
Cybersecurity Strategy Advisement and Event Speaker

Location: Virtual    Date Available: October 01st, 2020    Fees: Negotiable

Submission Date: September 16th, 2020    Service Type: Service Offered

Insights and recommendations on emerging cybersecurity threats, business opportunities, and best practices.

30 years of experience and industry advising to academia, businesses, governments, and audiences across the globe.

Respond to this opportunity

Contact Matthew Rosenquist

Media Kit

Share Profile

Contact Info

  Profile

Matthew Rosenquist