SIGN UP | SIGN IN
Thinkers360
Interested in getting your own thought leader profile? Get Started Today.

Matthew Rosenquist

Chief Information Security Officer at Eclipz

Folsom, United States

CISO and cybersecurity strategist that actively works with the industry to identify emerging risks and opportunities.  Currently the CISO for Eclipz and formerly the Cybersecurity Strategist for Intel Corp. with 30 years in the security field. An active keynote speaker at industry events, member on multiple technical and academic advisory boards, and collaborates with the top minds in the cybersecurity industry across business, academia, and governments sectors.  Publishes blogs, whitepapers, and develops industry methodologies.  Was named as a Top 10 Technology Voice in 2018 by LinkedIn and has a very active following of over 180k professionals.   

Matthew is experienced in building world class teams and capabilities, managing security operations, and evangelizing best-practices to the market.  He advises boards, executives, industry groups, tech companies, consumer audiences, and the media on the risks and relevance of cybersecurity issues and how to achieve an optimal level of security.

Available For: Consulting, Influencing, Speaking
Travels From: Sacramento CA
Speaking Topics: cybersecurity, information security, cyber security

Matthew RosenquistPoints
Academic0
Author170
Influencer72
Speaker87
Entrepreneur220
Total549

Points based upon Thinkers360 patent-pending algorithm.

Thought Leader Profile

Portfolio Mix

Company Information

Company Type: Company
Business Unit: Technology
Theatre: Global
Media Experience: 14 Years
Last Media Interview: 03/24/2020

Areas of Expertise

AI 32.58
Analytics 32.05
Big Data 30.35
Cryptocurrency 42.35
Customer Experience 30.24
Cybersecurity 83.28
Digital Transformation 30.53
Emerging Technology 30.25
Fintech 31.10
HR 30.44
Innovation 31.95
IoT 32.14
Leadership 34.22
Privacy 41.54
Risk Management 41.49
Govtech 31.83
Startups 33.82
Future of Work 31.25
Social 30.83
Business Strategy 34.70
Edtech 33.60
Predictive Analytics 30.71
Blockchain 30.24
Diversity and Inclusion 34.72
Healthtech 30.46
COVID19 33.50
Autonomous Vehicles 32.63
Management 31.33
Supply Chain 30.35
Culture 30.29

Industry Experience

Consumer Products
Financial Services & Banking
Healthcare
High Tech & Electronics
Higher Education & Research
Manufacturing
Media
Other
Professional Services
Retail
Telecommunications

Please signin or signup to view publication section.

Publications

9 Advisory Board Memberships
Cyber Security Initiative Strategic Council
Private Directors Association
December 22, 2020
I am very excited to join with esteemed cybersecurity colleagues on Private Directions Association’s (PDA) Cyber Security Initiative Strategic Council. Our charter is to drive timely and relevant communications to the board member community.

See publication

Tags: Cybersecurity

EC-Council International Advisory Board for CISOs
LinkedIn
May 20, 2020
I am excited to join the prestigious ranks of EC-Council’s International Advisory Board for CISOs. EC-Council is a leader in providing training, sharing knowledge, and being a resource for cybersecurity professionals. The advisory board collaborates to share best practices, emerging challenges, and opportunities for CISOs to better protect their organizations in alignment with overall business goals.

See publication

Tags: Cybersecurity, Leadership

Helping Academia Succeed So Cybersecurity Can Thrive
LinkedIn
April 10, 2020
Thrilled to announce that I am joining the Advisory Board for the University of Phoenix, College of Business and Information Technology! Academia plays a crucial role in fulfilling the staffing needs for the growing cybersecurity industry! We must all play a role to help prepare the next generation of professionals.

See publication

Tags: Cybersecurity

Matthew Rosenquist Joins the Eclipz Advisory Board to make the World of Connected Data More Secure
LinkedIn
September 04, 2019
It is my honor to join the Advisory Board of Eclipz; a cybersecurity innovator focused on securing data in transit, even on untrusted endpoints. Hardening digital communications from hackers and eavesdropping are crucial for security, privacy, and trust.
https://www.eclipz.io/

See publication

Tags: Business Strategy, Cybersecurity, Startups

Matthew Rosenquist Joins the Advisory Board for the Techno Security & Digital Forensics Conference
LinkedIn
August 15, 2019
I am excited to announce I have accepted a position on the Techno Security & Digital Forensics Conference Advisory Board. I am honored to be part of this team to help drive education, awareness, training, and ethics across the digital forensics and cybersecurity industries. I strongly believe professionals should contribute to the growth of the field by influencing, sharing knowledge, connecting others and pursuing beneficial ideas for greater impacts.
https://www.technosecurity.us/ca/about-us/2020-advisory-board

See publication

Tags: Business Strategy, Cybersecurity, Leadership

Contributing to the SIA Education @ ISC Advisory Board
LinkedIn
May 30, 2018
I was just asked to extend my role as an Advisory Board member on the SIA Education @ ISC Advisory Board for an additional year.

SIA Education program at the ISC West security conference has grown into a respected resource for education in the industry, attracting over 1100 participants at ISC West 2018. I have enjoyed being part of this group for several years and thoroughly enjoyed presenting keynotes for the converged security event in 2016 and 2017.

See publication

Tags: Business Strategy, Cybersecurity, Edtech

Joint Task Force on Cybersecurity Education
NIST
December 31, 2017
The Joint Task Force on Cybersecurity Education (JTF) was launched in September 2015 with the purpose of developing comprehensive curricular guidance in cybersecurity education that will support future program development and associated educational efforts. The Curriculum Guidelines for Post-Secondary
Degree Programs in Cybersecurity was published in 2017.

See publication

Tags: Cybersecurity, Leadership

Honored to Join the HMG CISO Advisory Board!
LinkedIn
September 12, 2016
I am excited to join the HMG CISO Advisory Board. I am humbled to be a part of this outstanding group of information security leaders. The HMG Strategy network provides c-suite executives the opportunity to experience global thought-leadership, a social community of face-to-face networking, access to a Research and Resource Center, and a number of summits around the country to bring together champions to secure the future of enterprises.

See publication

Tags: Business Strategy, Cybersecurity, Leadership

Brandeis University Graduate Professional Studies Advisory Board Member
Brandeis University
June 01, 2015
Matthew Rosenquist joined the Brandeis University Graduate Professional Studies (GPS) Advisory Board for Information Security Leadership, Committee for the Master of Science in Information Security, in 2015. Matthew has remained an active member of the board and will continue serving this important role through 2020 to help advise Brandeis in maintaining the very best graduate program to produce elite cybersecurity leaders.

See publication

Tags: Business Strategy, Cybersecurity, Leadership

74 Article/Blogs
New U.S. Cybersecurity Leadership Needs More Experience Diversity
Medium
January 25, 2021
President Biden has been quick to name a number of cybersecurity leadership positions, to greatly strengthen the nations capabilities, but there are concerns with the diversity of experience.

See publication

Tags: Cybersecurity

WhatsApp Still Needs to Prove it is Trustworthy
Medium
January 17, 2021
In the aftermath of WhatsApp’s privacy notification to users, that they will again be sharing data with Facebook, there is still a lack of clarity. I see a lot of statements from WhatsApp and general chatter regarding what data they will NOT be sharing. But I have yet to find any specificity on what exact data they WILL be sharing with Facebook. That is very strange and seems misdirecting.

See publication

Tags: Cybersecurity, Privacy

Law Enforcement is Seduced by Big Cybercrime Cases
Medium
January 07, 2021
Some important aspects are changing in law enforcement, when it comes to cybercrime.
In today’s video I look at the social aspects within the law enforcement community, the criminal evolution of cybercrime, and the resulting changes in behaviors that are driving fundamental improvements to cybercrime investigations around the globe.

See publication

Tags: Cryptocurrency, Cybersecurity, Privacy

China Seizes $4B in Cryptocurrency from Scammers
Medium
December 01, 2020
Governments can still pursue cybercriminals and fraudsters who use cryptocurrency. China authorities have seized over 4 billion dollars worth of Bitcoin, Ethereum, and several other cryptocurrencies as part of a crackdown on the PlusToken scheme that defrauded over 2 million people. This seizure has been approved by the courts after the ringleaders were convicted of Ponzi-type fraud.

See publication

Tags: Cryptocurrency, Cybersecurity

Police Cameras are Providing Facial Recognition Tracking to Criminals in Moscow
Medium
November 17, 2020
Criminals are offering stalking services, through the use of Moscow’s camera system, to identify and track people for $200. Customers provide a picture and the criminals will return a report of where that person has been, where they frequent, and more. Apparently, the data is being gleaned from the police facial recognition camera system, that includes over 100,000 cameras positioned to watch the city.

See publication

Tags: Cybersecurity, Privacy

U.S. Dept of Justice seizes $1 billion in Bitcoin
LinkedIn
November 10, 2020
A billion-dollar mystery has been solved. Cryptocurrency watchers were stunned when they recently saw a billion dollars of Bitcoin being moved from a very old account that has been inactive for years.

The mystery was solved as the U.S. Department of Justice unsealed court filings related to the Ross Ulbricht 2015 Silk Road case. Ulbricht, who ran the infamous dark-web site Silk Road, was convicted and his bitcoin assets seized. But before they all could be grabbed, a hacker stole 70k bitcoins from Ulbricht's accounts. As they say, there is little honor among thieves. At the time it was worth a few hundred thousand dollars, but now it has appreciated to a billion dollars!

See publication

Tags: Cryptocurrency, Cybersecurity, Management

Managing IoT Data Security Risks: The Need to Secure Data in Modern Computing
CISO MAG
October 20, 2020
The demands to defend the information on edge devices have reached a new pinnacle and continues to grow beyond what current capabilities can handle. Legacy cybersecurity systems that ensure the confidentiality, integrity, availability and the proper use of data from edge devices are not sufficient for the growing scale of the Internet of Things (IoT) and Industrial IoT (IIoT). Innovation in technology and process is needed to deliver the robustness necessary to defend against a world of ever-evolving cyber threats.

See publication

Tags: Cybersecurity, IoT, Leadership

Should Governments be Responsible for Protecting the Internet?
Medium
October 13, 2020
Does society want governments to take on the role of protecting the Internet? Should the Internet be considered a Critical Infrastructure and therefore be overseen by governments? Will such actions undermine privacy and liberty or will it be demanded by citizens to protect personal access and online security?

See publication

Tags: Cybersecurity, Privacy

Microsoft’s New Tactics Disrupts Trickbot Ransomware
Medium
October 13, 2020
Microsoft and partners have taken down the Trickbot ransomware infrastructure. That is a temporary relief, as the cybercriminals will soon adapt. The bigger picture is how the Microsoft Digital Crimes Unit (DCU) has created a template and partnerships to better target and disrupt future malware campaigns!

See publication

Tags: Cybersecurity

Leveraging culture for better cybersecurity?
Medium
October 05, 2020
Join the free webinar on Oct 28th 10am PST to listen to the panel discuss how culture can contribute or destroy cybersecurity!
Colleagues Jack Roehrig, Theo Nasser, and myself will be discussing the importance of weaving a positive cyber culture into organizations as part of a greater set of best-practices for effective cyber strategy.

See publication

Tags: Cybersecurity

We Don’t Want IoT Cybersecurity Regulations
Medium
September 21, 2020
It simply makes no sense to call for IoT devices to be certified safe-and-secure. Before you get bent out of shape, hear me out.

Regulations are unwieldy blunt instruments, best left as a last resort. Cybersecurity regulations are not nimble, tend to be outdated the day they are instituted, and become a lowest-common-threshold for an industry to follow. This stifles security innovation and the application of best practices. On the upside, regulations do force industries that have ignored basic security practices to meet a common standard. But history has shown those industries rarely go any farther than the regulatory requirements. All the data breaches we see in the news every week, almost all of those organization are compliant with regulations, yet they are losing data records by the billions. Compliance does not equal security!

See publication

Tags: Cybersecurity, IoT

Beware of Unified Cybersecurity Solutions Claiming to Help CISO's
CISO Platform
September 17, 2020
Many security vendors developing products to unify solutions into a single management interface. I fear this is just a sales tactic to gain greater market share and not intended to help the plight of CISO’s

See publication

Tags: Cybersecurity

Painful IoT Security Lessons Highlighted by a Digital Padlock
LinkedIn
September 15, 2020
The first warning sign was “hackproof” in the 360Lock marketing materials. As it turns out, with no surprise to any security professional, the NFC and Bluetooth enabled padlock proved to be anything but secure.

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

EC-Council Free Online Event for Cybersecurity Skills Development
Medium
September 12, 2020
EC-Council is announcing the #TheNextBigThingInCyber skills development in a free online event on Sept 16th 9:30am EST. EC-Council’s CEO, Jay Bavisi will discuss what it means to Humanize firewalls, build a new era of ethical hackers, empower cyber defenders, and the importance of great penetration testers.

See publication

Tags: Cybersecurity, Edtech

Intel patches 9 vulnerabilities in their management platform
Medium
September 12, 2020
Intel has released patches for several security vulnerabilities in their Active Management Technology (AMT) and Intel Standard Manageability (ISM) platforms. One of them was a critical flaw in AMT that allowed remote privilege escalation CVE-2020–8758

See publication

Tags: Cybersecurity, Risk Management, Supply Chain

Defenders show up to the war on deepfakes
Medium
September 04, 2020
Digitally altered and synthetic media are becoming more of a problem. Openly available tools, including AI Deep Learning, enable the easy modification of pictures and videos for distribution on the Internet. Most are benign; clearing up acne, improving image lighting, creating a funny meme, or perhaps narrowing a waistline for aesthetic reasons. More disturbing is the generation of videos of known personalities, making them appear to make caustic statements or take part in inappropriate activities. These fakes have appeared in political posts, social satire, news media, and pornographic material. Motivations are sometimes for humor, vanity, vindictiveness, or to sway public viewpoints.

See publication

Tags: AI, Cybersecurity, Privacy

Google to offer AI Ethics services to others?
Medium
September 01, 2020
AI Ethics are very relevant and growing in importance as the world embraces artificial intelligence systems.
Google has announced it will it will launch new AI ethics service by the end of the year to help others with tricky ethical challenges involving AI.

See publication

Tags: AI, Cybersecurity, Privacy

Smart Cities Keynote: Security and Privacy After 2020
Medium
September 01, 2020
I am looking forward to a great keynote conversation and Q&A session about the new normal for digital security & privacy of smart cities. As our cities embrace digital technologies to extend and improve services to its citizens, it is important to weave in security and privacy controls to reinforce trust.

Come join my co-speakers Marcelo Peredo, the CISO of the City of San Jose, and Zulfikar Ramzan, the CTO of RSA, as we discuss the evolving cybersecurity challenges and opportunities beyond 2020.

See publication

Tags: AI, Cybersecurity, Privacy

Sacramento Opens Cybersecurity Opportunities for Covid Displaced Workers
Uptrennd
August 28, 2020
City of Sacramento is leading the way and showcasing how public/private partnerships can help the community and make the digital world safer for everyone! This is a great template for other communities to retrain Covid-19 displaced workers for a career in cybersecurity.

See publication

Tags: COVID19, Cybersecurity

How privacy can decrease safety
HelpNetSecurity
August 03, 2020
Online anonymity can undermine accountability and enable victimization. A balance needs to be struck. The second article of a 2 part series between Matthew Rosenquist and Lisa Thee explores the complexities of digital privacy and outlines some U.S. focused recommendations.

See publication

Tags: Cybersecurity, Privacy

What is privacy and why does it matter?
HelpNetSecurity
July 28, 2020
Privacy is a basic right and a necessary protection in the digital age to avoid victimization and manipulation.

See publication

Tags: Cybersecurity, Privacy

What are are the Top 5 CISO Frustrations?
CISO Platform
July 25, 2020
I was recently asked an interesting question: What are are the Top 5 CISO frustrations with the cybersecurity industry?

After a few minutes of deep thought, this is what I came up with.

See publication

Tags: Cybersecurity

Digital privacy: A double-edged sword
HelpNetSecurity
July 21, 2020
igital privacy is paramount to the global community, but it must be balanced against the proliferation of digital-first crimes, including child sexual abuse, human trafficking, hate crimes, government suppression, and identity theft. The more the world connects with each other, the greater the tension between maintaining privacy and protecting those who could be victimized.

See publication

Tags: Cybersecurity, Privacy, Social

The 10 Worst Cybersecurity Strategies
Medium
July 16, 2020
Counting down to the absolutely worst cybersecurity strategies. Sadly, these are all prevalent in the industry. Many organizations have failed spectacularly simply because they chose to follow a long-term path that leads to disaster.

See publication

Tags: Cybersecurity, Leadership, Risk Management

Will AI rescue the world from the impending doom of cyber-attacks or be the cause
mc.ai
July 08, 2020
There has been a good deal of publicized chatter about impending cyberattacks at an unprecedented scale and how Artificial Intelligence (AI) could help stop them. Not surprisingly much of the discussion is led by AI vendors in the cybersecurity space. Although they have a vested interest in raising an alarm, they do have a point. But it is only half the story.

See publication

Tags: AI, Cybersecurity

Teaching AI to be Evil with Unethical Data
Peerlyst
July 04, 2020
Artificial Intelligence has a weakness. Unethical training will result in an evil system. Now more than ever, we need a framework of AIEthics to ensure AI systems are created for the good of society.

See publication

Tags: AI, Cybersecurity, Emerging Technology

Profiling White-Hat Vulnerability Researchers
Medium.com
June 26, 2020
Bugcrowd has released some interesting survey data that provides insights into the white- hat vulnerability researcher community.

See publication

Tags: Cybersecurity

Killer Drones to be Available on the Global Arms Markets
Medium.com
June 24, 2020
Turkey may be the first customer for the Kargu series of weaponized suicide drones specifically developed for military use. These semi-autonomous devices have been in development since 2017 and will eventually be upgraded to operate collectively as an autonomous swarm to conduct mass synchronized attacks.

See publication

Tags: AI, Cybersecurity, Autonomous Vehicles

Intel Designs Chips to Protect from ROP Attacks
Medium
June 16, 2020
It looks like Intel Corporation's Control-Flow Enforcement Technology (CET) will finally be making into products. If it works and is adopted, it should disrupt ROP hacks.

See publication

Tags: Cybersecurity, Emerging Technology

Curiosity Labs Opens Free Test-Track for Autonomous Vehicle Innovation
Medium.com
June 05, 2020
Enabling better security, privacy, and safety

It is always nice to see projects that are open and free to use, to advance technology in secure, private, and safe ways. Curiosity Labs provides startups and established companies a no-cost real-world testing infrastructure to innovate smart city and transportation technologies.



See publication

Tags: Cybersecurity, Autonomous Vehicles, Privacy

Misunderstanding the Economic Factors of Cybercrime
Medium.com
May 30, 2020
A new study by Cambridge Cybercrime Centre titled Cybercrime is (often) boring: maintaining the infrastructure of cybercrime economies concludes that cybercrime is boring and recommends authorities change their strategy to highlight the tedium in order to dissuade the growth of cybercrime.

See publication

Tags: Cybersecurity

10 Areas of Change in Cybersecurity for 2020
Medium
May 11, 2020
Cybersecurity in 2020 will be evolutionary but not revolutionary. Although there is always change and churn, much of the foundational drivers remain relatively stable. Attacks in the next 12 months are likely to persist in ways already known but taking it up-a-notch and that will lead to a steady escalation between attackers and defenders.

See publication

Tags: AI, Cybersecurity, Privacy

Pivot to Telehealth Brings New Benefits and Risks
LinkedIn
April 27, 2020
Innovations in healthcare bring great benefits but also new risks to security, privacy, and safety.

See publication

Tags: Cybersecurity, Healthtech, Privacy

Preventing a Product Security Crisis
LinkedIn
April 17, 2020
How did Zoom end up in crisis? More importantly, how can these lessons help other businesses avoid a major product security crisis that drives customers away and creates a massive opportunity for competitors consume market share?

See publication

Tags: Cybersecurity, Privacy, Risk Management

Zoom in crisis: How to respond and manage product security incidents
HelpNetSecurity
April 15, 2020
Zoom is in crisis mode, facing grave and very public concerns regarding the trust in management’s commitment for secure products, the respect for user privacy, the honesty of its marketing, and the design decisions that preserve a positive user experience. Managing the crisis will be a major factor in determining Zoom’s future.

See publication

Tags: Cybersecurity, Privacy, Risk Management

My Pursuit Intensifies to Secure Digital Technology
linkedin
April 01, 2020
For over 30 years I have continually sought-out new professional challenges, been enticed at opportunities to overcome near-impossible obstacles, and have taken on new roles to further the cybersecurity industry.

See publication

Tags: Cybersecurity, Privacy

Cryptocurrency Fraud Reached $4.3 Billion in 2019
LinkedIn
February 18, 2020
Cryptocurrency fraud is aggressively on the rise and topped over $4 billion last year and is shocking to those who thought they had found an incredible investment in the cryptocurrency world, yet were swindled out of everything.

See publication

Tags: Cryptocurrency, Cybersecurity

There is No Easy Fix to AI Privacy Problems
Semiwiki.com
February 08, 2020
Artificial intelligence – more specifically, the machine learning (ML) subset of AI - has a number of privacy problems.

See publication

Tags: AI, Cybersecurity, Privacy

Avast Shuts Down its Data Sales Subsidiary Due to Privacy Backlash
CISO Platform
January 31, 2020
Avast was recently caught selling user's web browsing data. Shortly thereafter the CEO made an apology and announced they were ceasing the Jumpshot data collection activities and winding down company operations. It is time that privacy regulations improve. This situation is playing out again and again for freemium type services and only hints at the greater problem.

See publication

Tags: Big Data, Cybersecurity, Privacy

Privacy Day – Yes it Matters More than You Might Think
LinkedIn
January 28, 2020
Privacy matters to everyone! In fact, more than most people realize. It underpins the very nature of liberty and is a key pillar for online security. Celebrate Privacy Day, with a little more effort in protecting your personal data and supporting a digital world that respects privacy.

See publication

Tags: Cybersecurity, Privacy

Lessons from Microsoft’s 250 million data record exposure
HelpNetSecurity
January 24, 2020
Microsoft has one of the best security teams and capabilities of any organization in the technology industry, yet it accidentally exposed 250 million customer records in December 2019. As a former cyber incident commander for a major technology corporation, I can see a number of important lessons to be learned.

See publication

Tags: Cybersecurity, Leadership

There is no easy fix to AI privacy problems
HelpNetSecurity
January 23, 2020
Artificial intelligence – more specifically, the machine learning (ML) subset of AI – has a number of privacy problems.

See publication

Tags: AI, Cybersecurity, Privacy

Banks are Developing Digital Currencies and Opening Themselves to Cyber Risk
LinkedIn
December 31, 2019
Cybersecurity will be hard pressed to take on the new challenges of bank managed digital currencies. Banks are developing their own digital currencies. The introduction of Central Bank Digital Currencies (CBDC) is the beginning of an interesting trend that will change the cybersecurity dynamic for banking as it opens up an entirely new threat landscape.

See publication

Tags: Blockchain, Cybersecurity, Fintech

The 7 most dangerous digital technology trends
HelpNetSecurity
December 10, 2019
As our world embraces a digital transformation, innovative technologies bring greater opportunities, cost efficiencies, abilities to scale globally, and entirely new service capabilities to enrich the lives of people globally. But there is a catch. For every opportunity, there is a risk.

See publication

Tags: AI, Cybersecurity, Privacy

Cryptocurrency Exchange Hacks are on the Rise
Medium
December 09, 2019
Seven major cryptocurrency exchanges were victimized in 2019, totaling over $160 million in financial theft. As predicted, cybercriminal hackers targeted crypto exchanges in 2019 and the trend will continue into 2020.

See publication

Tags: Cryptocurrency, Cybersecurity, Privacy

Hackers Scan Massive Docker Instances to Mine Crypto
LinkedIn
November 27, 2019
Hackers are at it again, looking for vulnerable Docker instances so they can selfishly mine Monero.

See publication

Tags: Cryptocurrency, Cybersecurity

AI Based Defensive Systems Impact on Cybercriminal Strategy
PenTest Magazine
November 08, 2019
Good guys are working at a fever pitch to create pre-emptive adversarial attack models to find AI vulnerabilities. But threat actors are working just as fast to develop threats and have the resources (aka money) to build powerful cyber weapons. Who will win this race against time?

Some of California’s top security minds came together during National Cybersecurity Awareness Month to discuss the role of Artificial Intelligence (AI) in cybersecurity. Leading experts from both the private and public sectors joined our Inteligenca Cyber Salon to discuss both the promise and concern about AI. No doubt we heard during this talk that AI is controversial.

See publication

Tags: AI, Cybersecurity, Risk Management

Hacking Phones: How law Enforcement is Saving Privacy
DarkReading
October 30, 2019
In the battle between privacy and security, technology can bridge the gap allowing a healthy balance. We must not fear technology, but rather purposefully wield it in better ways with clear goals of benefits and limitations for abuse.

Here is my latest article, posted on Dark Reading, discussing one such path that may raise concerns with privacy advocates at first glance, but could result in a strategic win for everyone's privacy and security, except criminals.

See publication

Tags: Cybersecurity, Govtech, Privacy

Major Drone Attack Against Global Oil Production Showcases Weak Cybersecurity Thinking
LinkedIn
September 16, 2019
We are entering a new era for conflict that brings with it a synthesis of cyber and physical security that increases global safety risks. Attacks with connected technology, Internet-of-Things (IoT) devices, and Industrial IoT components are ramping up, now attaining levels with serious consequences. The cybersecurity industry is not prepared. It is time we revisit the deeper discussion of converged cybersecurity!

See publication

Tags: Cybersecurity, Digital Transformation, IoT

Criminals Luring in Bitcoin Sellers to Launder Money
LinkedIn
September 13, 2019
With the lure of big cash rewards, cybercriminals are luring-in the bitcoin community to become money laundering mules. This does not end well for anyone except the criminals.

See publication

Tags: Cryptocurrency, Cybersecurity, Social

Matthew Rosenquist Joins the Eclipz Advisory Board to make the World of Connected Data More Secure
LinkedIn
September 04, 2019
I am excited to announce that I am joining the Advisory Board of Eclipz! Such a great team working to make the connected world of data more secure across devices, services and even between untrusted endpoints.

See publication

Tags: Cybersecurity, Emerging Technology, Startups

NATO’s Collective Defense for Cyber Attack Remains Fragile
LinkedIn
September 03, 2019
NATO is far from implementing "collective defense"​ for cyber-attacks. Much work is still to be done before Article 5 is an effective deterrent.

See publication

Tags: Cybersecurity, Govtech, Leadership

Cryptocurrencies Should be Enabled to Blacklist Criminal Holdings
LinkedIn
August 28, 2019
Cryptocurrencies like Bitcoin are heavily targeted and exploited by cybercriminals. There may be something that can be done to assist law enforcement in revocating illicit assets, aid victims, and still preserve the fierce independence autonomy of public blockchain cryptocurrencies.

See publication

Tags: Cryptocurrency, Cybersecurity, Innovation

Do Not Pay Ransomware – A Lesson for Municipalities
Medium
August 19, 2019
Ransomware is getting worse, in part because victims are paying. Poor decisions of certain municipalities is having an impact on their peers. Stop paying criminals! They will be back, stronger than before.

See publication

Tags: Cybersecurity, Govtech

Joining the Advisory Board for the Techno Security & Digital Forensics Conference
LinkedIn
August 15, 2019
I am excited to announce I have accepted a position on the Techno Security & Digital Forensics Conference Advisory Board. I am honored to be part of this team to help drive education, awareness, training, and ethics across the digital forensics and cybersecurity industries.

See publication

Tags: Cryptocurrency, Cybersecurity, Digital Transformation

Binance Cryptocurrency Exchange Refuses to Pay Blackmailers Over a Possible Data Breach
LinkedIn
August 08, 2019
A blackmailer attempted to extort $3.5 million from the Binance cryptocurrency exchange, stating they would release confidential KYC (Know Your Customer) data. Binance has refused to pay the demands and is working with law enforcement to track down the cyber criminals.

See publication

Tags: Cryptocurrency, Cybersecurity, Privacy

Insider Threats in the Digital World are Sinister
LinkedIn
August 07, 2019
The compromise of AT&T is another example of the serious risks posed by insider threats. In this case an external attacker leverages the access and authority of internal people through bribes. Especially in digital environments, trusted insiders have incredible potential to do harm, cause disruption, and undermine trust. They are the submerged part of the cyber risk iceberg that we all must deal with.

See publication

Tags: Cybersecurity, Risk Management

Does Home Depot Respect Customer Privacy?
LinkedIn
July 29, 2019
Raising an issue with the privacy practices at HomeDepot. Why are they unnecessarily gathering personal information of its customers? A privacy savvy community should raise and amplify such issues to drive change.

See publication

Tags: Customer Experience, Cybersecurity, Privacy

Cryptocurrency Exchanges are Cyber Hackers Next Targets
LinkedIn
July 22, 2019
Where will online criminal hackers look next? Cryptocurrency. There are already hacks going on, but this will ramp up significantly as some of the more highly competent criminals are targeting cryptocurrency exchanges.

See publication

Tags: Cryptocurrency, Cybersecurity, Risk Management

Top 10 Things You Should Be Doing to Protect from Cyberattacks
LinkedIn
July 15, 2019
I get asked all the time for a quick answer to the question “How can I protect myself from getting attacked online?”. The simplified answer is to follow these Top 10 best practices.

See publication

Tags: Cybersecurity

Fight for Digital Privacy Rights Continue in Tech-Focused California
LinkedIn
June 27, 2019
The tech heartland of California is the latest battleground for privacy rights. Big tech companies are fighting to dilute upcoming legislation that will require more privacy protections. But is it enough? No! We need even better protections, accountability, and transparency of how our personal data is handled. This is the moment when ethical tech giants can either stand-up to do the right thing by leading the charge for the betterment of their users or lawyer-up to allow hidden practices, abuses, obfuscation, and deniability to continue for their financial gain.

See publication

Tags: Big Data, Cybersecurity, Privacy

Should Exploit Code be Published When Vulnerabilities are Made Public?
linkedin
April 18, 2019
On the heels of a recent report from Kaspersky Labs, discussions among security professionals have been stirred-up regarding the risks of publishing proof-of-concept code that may be helping hackers more than benefiting security. The topic has history and continues to be vigorously debated.

See publication

Tags: Cybersecurity, Privacy

Invitation to Innovators for Voting Technology Security
linkedin
April 15, 2019
Protecting our election infrastructure is crucial, yet security is lacking. Meaningful change starts with the spark of a great idea. I am looking forward to listening to all the excellent concepts for election security at the upcoming event in Sacramento CA. As India is now in the midst of having 900+ million people vote, we too need to figure a way to leverage digital tools for our democracy in a secure, private, trustworthy, and attestable way.

See publication

Tags: Cybersecurity

Role of the CISO: Top 3 Questions
linkedin
February 15, 2019
The role of Chief Information Security Officers (CISO) is evolving and requires a complex skill set. Long perceived as cost center that constrains the business in order to reduce losses from cyberattacks and to meet regulatory compliance, cybersecurity is now transforming into a critical function that must contribute to overall competitiveness.

See publication

Tags: Cybersecurity

Open Letter to the FTC – Bureau of Consumer Protection
linkedin
January 29, 2019
In December 2018 the FTC held hearings on Competition and consumer Protection in the 21st Century. A number of people spoke at the event and the FTC has graciously opened the discussion to public comments. The Federal Trade Commission has interest, certain responsibilities, and can affect changes to how data security evolves. This is our opportunity for the public to share its thoughts and concerns. I urge everyone to comment and provide your viewpoints and expertise to the FTC committee. Comments can be submitted electronically no later than March 13, 2019.

See publication

Tags: Cybersecurity, Privacy

When the Wrong Person Leads Cybersecurity
linkedin
November 19, 2018
Succeeding at managing cybersecurity risks is tremendously difficult even for seasoned professionals. To make situations worse, poorly suited people are often chosen to lead security organizations, bringing about disastrous results. This has contributed to weaker risk postures for organizations and the rapid turnover in cybersecurity leadership.

See publication

Tags: Cybersecurity, Privacy

Technology Transformation for 2019
linkedin
November 15, 2018
Digital technology continues to connect and enrich the lives of people all over the globe and is transforming the tools of everyday life, but there are risks accompanying the tremendous benefits. Entire markets are committed and reliant on digital tools. The entertainment, communications, socialization, and many others sectors are heavily intertwined with digital services and devices that society is readily consuming and embracing. More importantly, the normal downstream model for information has transformed into a bi-directional channel as individuals now represent a vast source of data, both in content as well as telemetry. These and many other factors align to accelerate our adoption and mold our expectations of how technology can make a better world.

See publication

Tags: Cybersecurity, Privacy

Should Companies be Allowed to ‘Hack Back’ after a Cyberattack
linkedin
September 30, 2018
Government officials and experts are weighing in on the concept of ‘hacking back’, the practice of potentially allowing U.S. companies to track down cyber attackers and retaliate.

See publication

Tags: Cybersecurity, Privacy

Beware Friendly Botnets
linkedin
September 18, 2018
The recently discovered Fbot, which finds systems infected with crypto-coin mining malware and scrubs them clean, may seem like a champion of good, but remember it is entering your system without your permission and modifying code and deleting files. We have seen other such ‘cleaner’ worms in the past, and the best advice is to be wary.

See publication

Tags: Cybersecurity, Privacy

“Unhackable” Product Claims are a Fiasco Waiting to Happen
linkedin
August 17, 2018
Those who think that that technology can be made ‘unhackable’, don't comprehend the overall challenges and likely don't understand what 'hacked' means.

See publication

Tags: Cybersecurity, Privacy

Slowing Innovation Should be a Cybersecurity Violation
linkedin
August 04, 2018
Risks come in many forms. Going too fast, being reckless, taking chances, etc. are easy to recognize warning signs. But what about the other end of the spectrum? Is going too slow ever bad? I say yes, especially when it unnecessarily impedes productivity, innovation, operational logistics and intentionally creates frustration of users.

See publication

Tags: Cybersecurity, Privacy

Cybersecurity Fails without Strategy
LinkedIn
July 17, 2018
Building and running a cybersecurity organization is a daunting task and most aren’t doing very well. The brutal reality is that the industry is struggling. Even as gains are made in the professional community, losses are skyrocketing in the face of security spending that is increasing to astronomical levels. Some estimates place losses to cybercrime alone at $6 trillion by 2021, doubling from $3 trillion in 2015, while security spending will top $1 trillion with expected double digit annual growth. These losses exceed the global illegal drug market and the security investment burden increases at an unsustainable rate. Even with massive investments over the years, the world continues to hemorrhage losses due to cyber-attacks. These damages are derived from individual organizations that have failed to erect and maintain viable defenses.

Companies in regulated industries and larger businesses will typically invest in an internal team to actively manage the cyber risks with a Chief Information Security Officer (CISO) at the helm. The current incarnation of the CISO position has not really been in widespread use for very long and the role has radically changed over the years. Where they report within the organization, what background and skills they possess, their overall responsibilities, and the desired experience for which they are hired varies wildly from one CISO to the next. The traditional CISO role focuses on protecting company assets, including preserving reputation, preventing downtime, securing data and financial assets, and ensuring regulatory compliance. But some companies are also using the CISO role as an external marketing ambassador to fuel visibility and drum up customers. So, in today’s world it is a mixed bag. Consequently, security teams are managed very differently and there is a major performance gap that needs to be addressed.

See publication

Tags: Cybersecurity, Leadership, Risk Management

Mylobot Showcases the Evolution of Modern Malware
linkedin
June 21, 2018
The recently discovered Mylobot aggregates 9 sophisticated features, highlighting how advanced malware is evolving. Stealth capabilities make it difficult for security tools to detect and protection aspects preserve its functionality over time.

See publication

Tags: Cybersecurity, Privacy

Cybersecurity Fails without Strategy
linkedin
June 17, 2018
Building and running a cybersecurity organization is a daunting task and most aren’t doing very well. The brutal reality is that the industry is struggling. Even as gains are made in the professional community, losses are skyrocketing in the face of security spending that is increasing to astronomical levels. Some estimates place losses to cybercrime alone at $6 trillion by 2021, doubling from $3 trillion in 2015, while security spending will top $1 trillion with expected double digit annual growth. These losses exceed the global illegal drug market and the security investment burden increases at an unsustainable rate. Even with massive investments over the years, the world continues to hemorrhage losses due to cyber-attacks. These damages are derived from individual organizations that have failed to erect and maintain viable defenses.

See publication

Tags: Cybersecurity, Privacy

3 Influencer Awards
Top Writer in Privacy by Medium
Medium
December 09, 2019
Honored to be named by Medium as one of the Top Writers in Privacy! Congrats to the entire list; a community that recognizes the importance and is actively championing the rights of privacy for all.

There can be no liberty without privacy!

https://medium.com/tag/privacy/top-writers

See publication

Tags: Cybersecurity, Privacy

2019 ADA award for Outstanding Leadership in Protecting People’s Information
Adaptable Security
October 05, 2019
I am truly grateful for being recognized with a 2019 ADA award for Outstanding Leadership in Protecting People’s Information. Bestowed during the Cybersecurity Symposium for Smart Cities 2019, where a tremendous community came together to discuss the challenges, risks, and opportunities facing smart cities.

See publication

Tags: Cybersecurity, Leadership, Risk Management

LinkedIn Top Voices 2018: Technology
LinkedIn
November 13, 2018
These are the 10 must-know writers and creators explaining everything from artificial intelligence to battling cyber threats.

See publication

Tags: Cybersecurity, Leadership

6 Keynotes
Matthew Rosenquist speaking at the Intel Cybersecurity Education Workshop
YouTube
September 12, 2019
Intel's cybersecurity strategist Matthew Rosenquist speaks at the educators' workshop on the industry challenges and academic needs for the next generation of cybersecurity professionals. Cybersecurity is challenging and graduating students must possess an increasing set of skills and perspectives in order to be successful. Matthew Rosenquist covers the growing risks, changes, and aspects of the digital security industry and provides a plan on how it must evolve with the help of educators.

See publication

Tags: Cybersecurity, Future of Work, Risk Management

Make America Secure Again - Pitch Event
Inteligenca
May 23, 2019
Cybersecurity innovation at its finest! It was my pleasure to moderate and be a panelist at the Make America Secure Again event in Sacramento, where innovators pitched ideas to strengthen the security of America's digital voting systems.

Protecting our election infrastructure is crucial, yet security is lacking. Meaningful change starts with the spark of a great idea. California again shows how it can reach out to the pool of great innovators to seek a variety of solutions for cybersecurity challenges. We must all work together to find ways of managing cyber risks. Outreach and innovation is key.

See publication

Tags: Cybersecurity, IoT, Leadership

The Verification of Truth: The Future of Digital Forensics and its Role in Cybersecurity
2019 Techno Security and Digital Forensics Conference
March 11, 2019
As the world embraces digital services and automation of critical systems, understanding risk, attributing actions, and deciphering attack methods will be crucial to the proliferation of connected technology. Trust is key, but transparency is greatly obscured. Forensics will grow to become the verification of truth and will play an ever-increasing role in understanding responsibility and controlling the dissemination of Fear, Uncertainty, and Doubt through actuarial data. Let’s explore the new areas, challenges, and opportunities for the bright future of digital forensics

See publication

Tags: Cybersecurity

Cybersecurity Risks and Recommendations – Where Your Focus Needs to Be
http://www.securitysystemsnews.com/blog/psa-tec-wrap
May 10, 2017
Technology convergence across cyber and physical security is driving change. Protection will evolve to include digital security, physical safety, and personal privacy.

See publication

Tags: Cybersecurity

How Cyber-Attacks are Changing the Expectations of Security, Privacy, and Safety
2017 ISC West conference
April 06, 2016
Cyber-attacks are an ever increasing problem that reaches out from the digital domain and into the physical world to impact the security, privacy and safety of people, businesses, and governments. The rapid growth of technology adoption and connectivity are driving new opportunities for attackers at an accelerating rate. The result is a radical shift in expectations by consumers and organizations for more comprehensive solutions, streamlined oversight, and clear accountability.

See publication

Tags: Cybersecurity, Privacy, Risk Management

Diversity in Cybersecurity Education
2016 ICT Educator Conference
January 07, 2016
The cybersecurity industry needs more people with greater diversity to fill the growing number of open positions. Intel is very active with internal corporate diversity efforts, establishing strong pipelines, and investing in diverse partners. Additionally, Intel is contributing to the formalization of cyber science degree standards to align educational programs to market demands.

See publication

Tags: Cybersecurity, HR, Diversity and Inclusion

18 Media Interviews
Future of Offensive Attack Simulation: Strategies, Tools, and Techniques
CISO Platform
November 24, 2020
In our recent Fireside chat episode in association with FireCompass, between Matthew Rosenquist, CISO Eclipz, and Bikash Barai, Co-Founder, FireCompass, we discussed a bunch of things related to the cybersecurity practices that are gaining momentum and about what the future holds.

See publication

Tags: Cybersecurity

How DevOps and Security Can Work Together
Endpoint.tanium.com
November 18, 2020
Software developers and security pros need to overcome their differences. It’s harder than it sounds, but best practices are emerging.

See publication

Tags: Cybersecurity

2020 Cyber Innovators Summit: Future Threat Panel
The Cyber Institute YouTube Channel
October 31, 2020
Future Cybersecurity Threats In 2021 & Beyond. Matthew Rosenquist, the Chief Information Security Officer (CISO) for Eclipz.io, a Cybersecurity Strategist, and an industry advisor speaks at the 2020 Cyber Innovators Summit's Future Threat panel.

See publication

Tags: Cybersecurity

The Role of Cyber Culture in a Cyber Strategy
RightHand Cybersecurity
October 29, 2020
Watch the recorded webinar "The Role of Cyber Culture in a Cyber Strategy". John (Jack) Roehrig, CISO at Turnitin, and Matthew Rosenquist, CISO and Cybersecurity Strategist at Eclipz.io, share insights on how to incorporate Cyber Culture as part of an organization's Cyber Strategy.

See publication

Tags: Cybersecurity

Podcast: From Reactive To Proactive — The Evolution Of Security And Of The CISO Role | With Matthew Rosenquist
ITSP Magazine
September 16, 2020
EPISODE SUMMARY
Once upon a time —not that long ago—the Information Security field had no rules, definitions, tools, or framework, and it was a new frontier to be discovered and conquered. Now, looking back, we sure have come a long way.

See publication

Tags: Cybersecurity, Leadership, Risk Management

The Only 2 Kinds of Cybersecurity Victims
Innovation Nation Podcast
August 11, 2020
We’re all working from home not thinking about cybercriminals at all.

They’re thinking about us, though.

In this very first episode of Innovation Nation, I interview Matthew Rosenquist, CISO at Eclipz.io, about cybercrime in the time of COVID-19.

What we talked about:

Hardware vs. software vs. wetware (people)
We’re vulnerable during quarantine not because technology but our behaviors
Cybersecurity issues that SMBs need to consider with IOT
Security fears that we have & education that we need

See publication

Tags: Cybersecurity, Privacy, Startups

What's next in Cybersecurity - and how SMEs can protect themselves - Episode #20
TÜV SÜD Safety First podcast
July 31, 2020
In this episode, Matthew Rosenquist, an internationally renowned US-American cybersecurity expert, shares his views on the new normal in cyber security with a special look at SMEs. All too often they are still an easy target for attackers. But with a few basic measures they can protect themselves more effectively. And this is not primarily a question of expensive IT technology.

See publication

Tags: Cybersecurity, Management, Risk Management

Crucial Tech, by Lou Covey - Matthew Rosenquist talks ethics, facial recognition and the potential benefits of AI
Crucial Tech
July 06, 2020
Matthew Rosenquist talks ethics, facial recognition and the potential benefits of AI. He provides an optimistic view of AI ethics and facial recognition, but we are still further than some might think from a successful deployment in the west.

See publication

Tags: AI, Cybersecurity, Privacy

'Cyber Risk Leaders' Tell All @ The Global Virtual Book Club EP 2
YouTube
May 29, 2020
Join Carmen Marsh, CEO of Inteligenca, and 'Cyber Risk Leaders' Author, Shamane Tan as they sit down with featured Cyber Risk Leaders from the book to discuss current cyber security challenges and share from their industry experiences.

In this episode, we meet with Matthew Rosenquist, CISO at Eclipz.io Inc in California who will be talking about the Artificial Intelligence's impact on Cyber Security Strategy.

AI is a tremendously powerful tool that is evolving at a ridiculous rate and being leveraged by both cyber attackers and defenders. It will radically change the cybersecurity strategies that protect our digital world.

See publication

Tags: AI, Cybersecurity

Cybersecurity Issues and Trends - Interview with CybxSecurity
CybxSecurity.com
March 24, 2020
My recent interview with Mark Byrne, from Cybx Security, covered a great range of cybersecurity questions, including new threats and solutions, Artificial Intelligence, DevSecOps, cybercrime, security impacts of Coronavirus, and the future of cybersecurity.

See publication

Tags: Cybersecurity, Risk Management, COVID19

The Entanglement of AI and Cybersecurity Podcast
linkedin
March 10, 2020
The boundaries of cybersecurity will be manipulated by the advances in Artificial Intelligence, the evolution of digital threats, and on ever-adapting leadership.

I had a great time being interviewed by Vaishali Lambe [Lisha] in her podcast SoLeadSaturday because we talked about how cybersecurity and AI are intertwined, how leadership is crucial, and the fact that technology tools are being used for both good and malicious purposes. The growing demands for a security-savvy workforce led us to explore the vast opportunities in the field. Emerging factors magnify the interesting swirls of competing challenges. To cap the discussion, we visualized the future of the industry and discussed the risks.

See publication

Tags: AI, Cybersecurity, Leadership

Past and Future Challenges for Security: ThinkTech Interviews Cybersecurity Strategist Matthew Rosenquist
ThinkTech: Hawaii
December 10, 2019
A look back at some of the missteps in 2019 across the convergence of cyber and physical security, with discussions on what challenges are ahead for the next year.

Thanks to Andrew Lanning for hosting me as a guest on the ThinkTech livestream show! Great questions and unscripted dialog about the evolving risks and opportunities of Artificial Intelligence, privacy, cybercrime, automation, and connected devices. Security matters!

Watch on YouTube: https://youtu.be/KQjuHVc3lbM

See publication

Tags: AI, Cybersecurity, Privacy

Thinkers360 Predictions Series – 2020 Predictions for Cybersecurity
Thinkers360
November 25, 2019
Having recently published our Top 50 Global Thought Leaders and Influencers on Cybersecurity, we asked a selection of our Thinkers360 global influencers about their predictions for Cybersecurity in 2020. Here’s what they told us…

See publication

Tags: Cybersecurity, Digital Transformation, Predictive Analytics

Humans, complacency, ignorance delay AV deployment
EEWeb
November 05, 2019
We have a long way to go before we see autonomous vehicles on the roads in any number

Is the autonomous vehicle (AV) going to be widely distributed in our lifetimes? Sure, just as soon as you eliminate human involvement, complacency and ignorance (was that repetitive?) from development. Until then, AVs are just going to be a rarity on the roads.

See publication

Tags: AI, Cybersecurity, Autonomous Vehicles

Winning the security fight: Tips for organizations and CISOs
HelpNetSecurity
October 09, 2019
For large organizations looking to build a robust cybersecurity strategy, failure to get the fundamentals in place practically guarantees a disaster. If you ask Matthew Rosenquist, a former Cybersecurity Strategist for Intel (now independent), overcoming denial of risk, employing the right cybersecurity leader, and defining clear goals are the three most critical objectives for avoiding a negative outcome.

See publication

Tags: Cybersecurity, Leadership, Risk Management

SuperDataScience Podcast - SDS 273: Predict, Prevent, Detect: Cyber Security
SuperDataScience.com
June 26, 2019
In this episode of the SuperDataScience Podcast, I chat with Matthew Rosenquist, one of the top leading world experts in the space of cybersecurity. You will learn what balance in cybersecurity means and what the dark web is. You will hear how Matthew's career developed and how he thinks about the strategy of cybersecurity. You will also learn about the valuable role of data science in cybersecurity and the steps you can take to get into this space.

If you enjoyed this episode, check out show notes, resources, and more at www.superdatascience.com/273

See publication

Tags: Analytics, AI, Cybersecurity

Evolving Risks of Cybercrime with Matthew Rosenquist
podcasts.apple.com
June 07, 2019
The Innovators Behind DISRUPTION - Episode 27 by Evolve ETFs
Evolving Risks of Cybercrime with Matthew Rosenquist
- Growing systemic challenges in cybersecurity
- How the public sector can protect itself from cybercrime
- The NSA and its role in the recent Baltimore ransomware attack
- Opinions on Baltimore’s decision not to pay their cyber attackers
- CEOs recognizing cybersecurity as a major business risk
- Cybersecurity demand and spend
- Government concerns about cyber threats
- Advice on how to protect yourself from cyber attacks

See publication

Tags: Cybersecurity, Risk Management

Don't trust a company to keep you safe
Podcasts.apple.com
March 12, 2019
Interview of Matthew Rosenquist, Cybersecurity Strategist. Podcast by Lou Covey
A range of topics, including nation state attacks, data breaches, ransomware, Artificial Intelligence, dark web, and the perception of perfect security

See publication

Tags: AI, Cybersecurity, Privacy

9 Panels
The Role of Cyber Culture in a Cyber Strategy
RightHand Cybersecurity
October 26, 2020
In an effort to evangelize October's Cybersecurity Awareness Month, join us on Wednesday, 28 October at 10AM PST to hear from Cybersecurity leaders on the importance of incorporating Cyber Culture as part of your organization's Cyber Strategy, and best practices to effectively do so.

See publication

Tags: Culture, Cybersecurity, Leadership

Cybersecurity & IoT Showcase 2020 Panel Discussion: Why Sacramento is Ripe to be a Cybersecurity Hub
StartupSac
October 20, 2020
The panel discussion, Why Sacramento is Ripe to be a Cybersecurity Hub, was a lively and engaging discussion. Moderated by Carmen Marsh and featuring Malcolm Harkins, Matthew Rosenquist, and George Usi, the panel discussed a broad range of topics including:

Why would someone pick Sacramento to start a cybersecurity product or services company?
What advice would you give an aspiring entrepreneur looking for innovative ideas? Suggestions about the roadmap for innovators
Where should cyber startups look for business opportunities/ projects?
Where can people find resources to get started or to find support for their ideas?
Where can they find mentors?
Where to look and find a skilled workforce?

See publication

Tags: Cybersecurity, Diversity and Inclusion, Startups

HMG Live! Silicon Valley CISO Executive Leadership Summit
Uptrennd
September 29, 2020
The CISO summit was a great virtual conference with insightful speakers. I had the pleasure of moderating the "Securing the Future of Work" panel, which begins at 1:43:34, with Rahul Kashyap CEO Awake Security, Lamont Orange CISO Netskope, and Laura Whitt-Winyard, CISO DLL Group.

The panel of experts shared their advice on how CISOs can drive success in securing the future of work. We discussed the challenges, valuable steps forward, and the greatest opportunity CISO should pursue.

See publication

Tags: Cybersecurity, Leadership

Expert Panel Discusses Cybersecurity in the New Normal
CISO Platform
June 10, 2020
Watch panelists Chris Roberts, G. Mark Hardy, and Matthew Rosenquist at VShield 2020

I had the honor to be on a distinguished panel with the incredibly knowledgeable G. Mark Hardy and the infamous white-hat hacker Chris Roberts. We discussed the evolution of cyber resilience, agility, and innovation in these troubling times.

Watch the panel as we discuss the following topics:
- Is Covid-19 a turning point for cybersecurity?
- Are Insider Threats increasing with the shift to remote workforces?
- Are trusted employees still the greatest threat? How can security help improve employee behaviors?
- Privacy: is it a government, business, or societal problem? What is the responsible approach? Should tech companies be compelled to unlock user devices, build-in backdoors, or use weak encryption algorithms?
- Are Bug Bounty programs good or evil for technology?
- How important is IoT security? Are the emerging risks being addressed or ignored across transportation, critical infrastructure, and government agencies?
- Nation States – will the cold war intensify?
- How will hardware and firmware insecurity for critical infrastructure play out? Where are the risks?
- What are the most important emerging topics in cybersecurity!

See publication

Tags: Cybersecurity, Privacy, COVID19

VShield 2020 Cybersecurity Conference
Medium
May 20, 2020
I have the honor of being on the Cyber Resilience, Agility and Innovation in the New Normal panel with the distinguished and infamous G.Mark Hardy and Chris Roberts. We will be discussing a wide range of cybersecurity topics that impact every digital citizen on the planet!

See publication

Tags: Cybersecurity, Emerging Technology, Privacy

Modern Successful SOC & Artificial Intelligence round-table
Cybersecurity Symposium for Smart Cities 2019
October 05, 2019
It was my honor to lead a round-table of superstars at the Cybersecurity Symposium for Smart Cities 2019. Talking about how cryptocurrency has become the economic vehicle of choice by cybercriminals and how the emerging AI revolution can both aid Security Operations, but also enhance the threats.

The digital revolution is an arms race where we must all work together to keep pace with the evolving attackers. A truly outstanding discussion with this group of luminaries and terrific audience participation!

Thanks to Sabrina Yuan Co-Founder & COO of SecuritAI, Joanna Hu Data Science Manager at Exabeam, and Dr. Victor Fang Founder and CEO of AnChain.ai

See publication

Tags: AI, Cryptocurrency, Cybersecurity

Shared Pain Points & Opportunities for Secure Smart Cities
Cybersecurity Symposium for Smart Cities 2019
October 05, 2019
Had a great time moderating a smashing panel at the Cybersecurity Symposium for Smart Cities 2019. Great insights from our CIO’s, standards, and best practices experts in identifying critical aspects for cities! Much thanks to Linda Gerull, Liza Massey, Olaf Gerd Gemin, and Jerry Cox

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

Ransomware: The Not-So Good, Really Bad, and Truly Ugly!
SecureWorld
August 18, 2018
RECORDED LIVE ON AUGUST 28, 2018 — WATCH ON-DEMAND
Ransomware is spreading at an alarming pace and infecting networks across all industries and company sizes, primarily through phishing attacks. The cyber criminals behind the attacks are furiously innovating and keeping ahead of defenses. In this web conference, we will have an interactive discussion on the latest in ransomware threats and how to best protect your organization and yourself against this growing threat.

This session will educate attendees about the newest features of ransomware strains designed to evade detection and spread in new and creative ways. It will also cover recent attacks and how the victim organizations could have better protected themselves.

The session will examine:
• Current phishing trends
• Ransomware and how it is infecting networks
• Effective mitigation strategies
• Recovering from an attack

See publication

Tags: Cybersecurity

Harnessing Cyber-Physical Security Technologies
Cyber: Secured Forum (cybersecuredforum.com)
June 05, 2018
A great panel discussion, led by Ray Coulombe of Security Specifiers, with Donal Keating from Microsoft and Jeff Crume of IBM. As the audience is a strong mix of both physical and cyber security professionals, we will discuss how the convergence of technology across both domains will rapidly change to open up new opportunities and risks. Expect topics around Internet-of-Things (IoT), Artificial Intelligence (AI), and blockchain to be discussed by the panel and open questions from the audience.

See publication

Tags: AI, Cybersecurity, IoT

1 Patent
Hardware-generated dynamic identifier
US Patent Office
June 29, 2017
In an example, there is disclosed an electronic apparatus, comprising: a hardware-encoded internal private key; and one or more logic elements comprising a key generation engine to: receive an third-party key; and operate on the third-party key and the internal private key to generate a hardware-generated dynamic identifier (HGDI). There is also disclosed a method of providing an HGDI engine, and one or more computer-readable mediums having stored thereon executable instructions for providing an HGDI.

See publication

Tags: Cybersecurity, Innovation

1 Quote
Can Google’s New AI Ethics Service Be Of Any Help?
Analytics India Magazine
September 03, 2020
With biases in algorithms becoming a prime concern for companies, Google’s cloud division has come out with their new AI Ethics Services for helping in AI solutions. Planning to launch it by the end of this year, the tech giant, according to the news, will be offering its AI ethics services to companies who are working on AI projects.

See publication

Tags: AI, Cybersecurity, Privacy

5 Speaking Engagements
HMG Live! CISO Virtual Summit
Medium
August 20, 2020
Mark your calendars. The HMG Live! Silicon Valley CISO Virtual Summit, on Aug 25th 10am Pacific, is a conference for #cybersecurity professionals interested in the latest perspectives on the shifting risks and opportunities of future business

See publication

Tags: Cybersecurity, Future of Work

Evolving Risks of Cybercrime with Matthew Rosenquist podcast
https://evolveetfs.com/podcasts/
June 07, 2019
Interviewed by Raj Lala, the CEO at Evolve ETFs in his podcast The Innovators Behind Disruption. In the
"Evolving Risks of Cybercrime with Matthew Rosenquist" episode, we covered a number of interesting topics, including the growing challenges in cybersecurity, rise in cybercrime, challenges of ransomware, what governments are worried about, and how to protect yourself.

See publication

Tags: Cybersecurity, Fintech, Risk Management

Cyber/Physical Convergence
2017 InfraGard Atlanta conference
January 18, 2017
Matthew Rosenquist's presentation at the 2017 InfraGard Atlanta conference, discussing the convergence between cyber and physical security.

See publication

Tags: Cybersecurity, Risk Management

The True Cost of Data Breaches - Not Just a Dollar per Record
CyberEd.io
March 22, 2016
When an organization suffers a data breach, a number of challenges, impacts, and business decisions contribute to the total of all the associated costs. The scope extends beyond a fixed dollar-per-stolen-record calculation, as it invariably includes expenditures for new security measures, legal fees, third-party forensic services, changes to business processes, as well as a loss of reputation and customer goodwill.

There is a complex set of chain reactions which occur after every significant data breach, each adding its own contribution to the overall cost and business impact.

In this session we'll discuss some real-world experiences regarding data breaches, how the costs exceed the typical dollar-per-record measure, and how organizations are adapting to learn from their experiences. We will also examine what the future holds, as attackers adapt and shift towards new data manipulation methods.

See publication

Tags: Cybersecurity, Risk Management

Upgrading to an APT-Capable Defense: Where To Start, How To Get Funding And See Immediate Reduction In Risk
Cybered.io
February 26, 2016
A complete defense cannot be deployed overnight. There are multiple people, process and technology components to consider and implement. In this session, we will help identify where and how resources can be focused to have the biggest immediate risk reduction, discuss lessons learned from real-world deployments and learn how to gain executive sponsorship of the program as a whole, to build momentum and help guarantee success.

See publication

Tags: Cybersecurity

28 Videos
Finding the Next SolarWinds Type of Supply Chain Attack
Medium
January 20, 2021
The SolarWinds compromise showed that supply-chain attacks are possible and the ramifications can be tremendously impactful. Other nation states will be investing in efforts to duplicate this success. That makes IT tools, security products, hardware & firmware vendors, and cloud service providers prime targets for exploitation.

See publication

Tags: Cybersecurity, Supply Chain

Cybersecurity Value is About Protecting Intangible Assets
Medium.com
January 14, 2021
Intangibles now account for 90% of the S&P’s total assets and it is no accident that the core of cybersecurity has evolved to protect those aspects of the business. It is a natural progression for security to align with protecting the most important assets. This is a crucial element when communicating the value and relevance to audiences.

See publication

Tags: Cybersecurity, Leadership, Risk Management

Why are Cybersecurity Roles Confusing
Medium.com
January 11, 2021
The cybersecurity field is dynamic and the roles and responsibilities are ever changing. People coming into the cybersecurity field often expect clearly defined positions and are surprised at the significant variance when looking at job descriptions or talking with professionals.

See publication

Tags: Cybersecurity, Management, Privacy

The CISO Dilemma - When Leadership Ignores Risks
YouTube
December 24, 2020
What should a CISO do when the executive leadership chooses to ignore critical cyber risks? If the C-Suite and board are well informed of imperative vulnerabilities and yet choose a path to ignore security, the CISO is put in a position where they are incapable of effectively managing risk, yet still responsible when incidents occur.

Let’s break down the problem, from what a CISO must do, how people disposition risks, and finally the recommended actions.

See publication

Tags: Cybersecurity, Leadership, Risk Management

Objectives of Nation State Cyber Attackers
YouTube
December 21, 2020
It is important to look into the motivations of government orchestrated cyberattacks, such as SolarWinds, as understanding the threat-agent’s objectives can provide important insights to their long-term goals and potential next steps.

Today I discuss the 4 primary reasons why Nation States conduct cyber warfare activities and evaluate that against what we currently know of the SolarWinds hack to gain a better sense of the scale and strategic value to the infiltrators.

See publication

Tags: Cybersecurity

Leaders and Losers of the SolarWinds Hack
YouTube
December 20, 2020
The SolarWinds hack has had a significant ripple effect on the cybersecurity community, with over 18k organizations discovered to be severely vulnerable and at the mercy of nation-state hackers. The security community realized some of the biggest companies, most sensitive government agencies, and critical infrastructure were at risk. Some organizations have shown leadership, most have remained quiet, and a few have decided to take advantage of the fear to sell their wares and pursue profits.

Time to call out the leaders and deceivers.

See publication

Tags: Cybersecurity

Missing the Big Picture from the SolarWinds Hack
YouTube
December 15, 2020
The cybersecurity industry is consumed with scale and effectiveness of one of the biggest hacks in recent memory. The emerging narrative and stories are missing important pieces of the puzzle. The attackers, likely a nation-state, gained unprecedented access to the U.S. government, military, critical infrastructure, and most major businesses. The full scope and reasons are not clear, but it is imperative to figure out. The mystery must be solved, for the benefit of everyone, so we can prepare for what is next.

See publication

Tags: Cybersecurity

Evolution of Law Enforcement is Driving Changes Cryptocurrency
LinkedIn
December 14, 2020
There is an important transition that is happening with law enforcement’s adaptation to digital currencies. Authorities are seizing billions worth of criminal’s cryptocurrency and their improving skills are proving crypto is not the safe haven that criminals thought it to be.


See publication

Tags: Cryptocurrency, Cybersecurity

FireEye Hacked – A Stark Reminder of Cybersecurity Risks
YouTube
December 10, 2020
Even the best security organizations can be hacked! Watch my message to both the cybersecurity industry as well as those attackers that hacked FireEye and stole the RedTeam tools. This skirmish went to the hackers, but the battle continues.

See publication

Tags: Cybersecurity

Apple App Store Will Require Privacy Transparency
YouTube
December 07, 2020
Apple is instituting new privacy requirements, for all new applications being listed in the App Store, to enhance transparency and educate users. It is an important step, but additional measures are needed to ensure compliance.

See publication

Tags: Privacy

Why TrickBot Malware may be a Game Changer for Cybersecurity
YouTube
December 04, 2020
Cyber attackers continue to move down the compute stack with the latest variant of TrickBot now targeting firmware for malicious manipulations. This is when it gets serious.

See publication

Tags: Cybersecurity

Some Justice for Phone Scammers
YouTube
December 02, 2020
Some justice was delivered to the leader of a major phone scam ring based out of India. You are probably familiar with those spam calls that threaten money is owed to the IRS and if you don’t pay over-the-phone you will be arrested. Total scam. This criminal will be spending some quality time behind bars, thanks to the U.S Dept of Justice and international cooperation. A good day.

See publication

Tags: Cybersecurity

Top 3 Recommendations to Avoid Online Holiday Fraud and Scams
YouTube
December 01, 2020
The holidays are a time for increased online fraud and scams. All of us need to follow the best security practices to keep our holiday from turning into a digital disaster.

The Cybersecurity Infrastructure Security Agency (CISA.Gov) has some good tips for safe online shopping https://www.cisa.gov/shop-safely

See publication

Tags: Cybersecurity

Disable Amazon Sidewalk for Now
YouTube
November 25, 2020
Amazon is releasing their Sidewalk network feature that opens users home network to connect with neighbors that also have Amazon products like the Echo devices and Ring security cameras. Amazon is turning Sidewalk ON by DEFAULT! That is concerning. Such a network could enable a host of new capabilities but might also introduce new cyber risks to participants.

See publication

Tags: Cybersecurity

Intel in Denial of the Latest SGX Secure Enclave Vulnerability
YouTube
November 19, 2020
Another vulnerability and exploit named VoltPillager has been published for Intel Corporation's SGX security technology. The most disturbing aspect is not the vulnerability itself, but rather how Intel has responded to researchers and news outlets. Pure denial.

As a shareholder and former employee, I am gravely disappointed!

See publication

Tags: Cybersecurity

New Zealand Releases a Privacy Data Breach Self Test Tool
YouTube
November 16, 2020
The small country of New Zealand is showing great privacy leadership by releasing a tool to help businesses determine if a cybersecurity incident is considered a Data Breach.

See publication

Tags: Privacy

Inaccurate Predictions about Cybersecurity is Dangerous
Medium.com
November 12, 2020
I may offend some people, so for those who don’t want to hear my rant, skip this video.
Recent cybersecurity predictions aren’t just wrong, they are dangerous
I am disappointed in the recent comments that Michelle Zatlyn, the co-founder and COO of Cloudflare, made regarding the future of cybersecurity.
She stated Cybersecurity would be “a thing of the past the next decade” and that instead it will work like a water filtration system.
She is wrong. Dead wrong.


See publication

Tags: Cybersecurity

Deloitte's 'Test your Hacker IQ' Proves Vulnerable to being Hacked
YouTube
November 10, 2020
A website tied to an event that quizzed people on their hacking knowledge, launched by major a security consultancy firm, is itself vulnerable to being hacked. This incident showcases a number of important lessons for every organization that wants to avoid such embarrassment.

See publication

Tags: Cybersecurity

U.S. Dept of Justice seizes $1 billion in Bitcoin
YouTube
November 09, 2020
A billion-dollar mystery has been solved. Cryptocurrency watchers were stunned when they recently saw a billion dollars of #Bitcoin being moved from a very old account that has been inactive for years.

U.S. Dept of Justice unsealed court filings related to the Ross Ulbricht 2015 Silk Road case. This is momentous! Such a seizure puts most others to shame and it will likely drive some changes in law enforcement. In the video, I discuss how this case will change enforcement and criminal practices moving forward.

See publication

Tags: Cryptocurrency

Intel’s Secret Key to Decrypt Microcode Patches is Exposed
YouTube
November 02, 2020
Vulnerability researchers hacked Intel’s update process and captured the secret key that decrypts Intel microcode updates. This important finding exposes another layer of security that protects CPUs from malicious manipulations. Intel’s response downplays the true significance, seeking to pacify concerns, while ignoring the strategic implications.

See publication

Tags: Cybersecurity

Cybersecurity Awareness Month – Accept My Challenge
YouTube
October 25, 2020
October is Cybersecurity Awareness Month. It is a time to consider the risks we accept everyday when using computers and what we can do to better protect ourselves.

I have a challenge for each and every person. Something that will help people individually and everyone collectively.

See publication

Tags: Culture, Cybersecurity, Social

NSA Reveals the Top Vulnerabilities Exploited by China
YouTube
October 23, 2020
The U.S. National Security Agency knows which vulnerabilities China backed hackers are exploiting the most to gain access to sensitive data.

The Chinese state-sponsored information gathering engine is a vacuum when it comes to acquiring information from foreign companies and countries.

See publication

Tags: Cybersecurity, Risk Management

Charges Against Russian Nation-State Hackers Sends a Message
Medium
October 22, 2020
The U.S. Department of Justice filed charges against six Russian agents, identified as members of the APT group known as Sandworm. The unsealed documents reveal that the six suspects are all current or have former ties to the Russian foreign intelligence agency, the GRU. The charges outline how this group is supported and coordinated by the Russian government to conduct hacks against people and governments around the world, including taking down the Ukraine power network and unleashing NotPetya malware, one of the most damaging in history.

See publication

Tags: Cybersecurity, Govtech

Cyber Threats Enhance Phishing with AI and Worm Functions for Rapid Disruption
Medium
October 20, 2020
New phishing malware leverages Artificial Intelligence and worm functionality to rapidly spread to contacts of victims. By leveraging previously established relationships the malware can bypass technical controls and easily fool new targets into becoming infected.

See publication

Tags: AI, Cybersecurity

Apple T2 Chip Vulnerability Challenges the Industry
Intel Corp
October 18, 2020
Recent verified reports highlight exploitable vulnerabilities in Apple’s security chip that cannot be patched! The announcement adds to the growing concerns and shifting perceptions about hardware security.

See publication

Tags: Customer Experience, Cybersecurity, Privacy

Is Paying Ransomware Now Illegal?
Medium
October 16, 2020
Security experts say don’t pay ransomware, but now the U.S. Treasury Department is now declaring it illegal! Every company on the Internet must deal with the threat and emerging regulations.
Ransomware continues to be a growing problem because victims have been rewarding the attackers. If regulations expand, the option to pay-off the criminals will no longer be viable. We must address ransomware in a more proactive way. It is time to get focused and start thinking strategically.
Subscribe to my new YouTube channel for more Cybersecurity Insights, rants, news, and perspectives.


See publication

Tags: Cybersecurity

Microsoft's New Tactics Disrupts Trickbot Ransomware
YouTube
October 13, 2020
Microsoft and partners have taken down the Trickbot ransomware infrastructure. That is a temporary relief, as the cybercriminals will soon adapt. The bigger picture is how the Microsoft Digital Crimes Unit (DCU) has created a template and partnerships to better target and disrupt future malware campaigns!

See publication

Tags: Cybersecurity

Should Governments be Responsible for Protecting the Internet?
YouTube
October 12, 2020
Does society want governments to take on the role of protecting the Internet? Should the Internet be considered a Critical Infrastructure and therefore be overseen by governments? Will such actions undermine privacy and liberty or will it be demanded by citizens to protect personal access and online security?

See publication

Tags: Cybersecurity, Digital Transformation, Privacy

1 Webinar
Webinar: The Role of Cyber Culture in a Cyber Strategy
YouTube
October 29, 2020
Watch the recorded version of the webinar "The Role of Cyber Culture in a Cyber Strategy". Our guest speakers Jack Roehrig, CISO at Turnitin, and Matthew Rosenquist, CISO at Eclipz, shared great insights on how to incorporate Cyber Culture as part of your organization's Cyber Strategy, and best practices to effectively do so.

See publication

Tags: Cybersecurity, Management, Business Strategy

1 Webinar
Future of Offensive Attack Simulation: Strategies, Tools & Techniques
Medium
November 18, 2020
A hack is executed every 39 seconds and impacts one in three Americans every year.
Join us in the discussion on Future of Offensive Attack Simulation: Strategies, Tools & Techniques with Bikash Barai and Matthew Rosenquist

See publication

Tags: Cybersecurity

3 Whitepapers
McAfee Labs 2017 Threats Predictions
McAfee
November 30, 2016
McAfee Labs explores top threats expected in the coming year.

Welcome to the McAfee Labs 2017 Threats Predictions
report. We have split this year’s report into two sections.
The first section digs into three very important topics,
looking at each through a long lens.

The second section makes specific predictions about
threats activity in 2017. Our predictions for next year
cover a wide range of threats, including ransomware,
vulnerabilities of all kinds, the use of threat intelligence
to improve defenses, and attacks on mobile devices.

See publication

Tags: Cybersecurity, Risk Management

Prioritizing Information Security Risks with Threat Agent Risk Assessment
Intel Corp
January 05, 2010
Matthew Rosenquist, while at Intel Corp developed a threat agent risk assessment (TARA) methodology that distills the immense number of possible information security attacks into a digest of only those exposures most likely to occur. This methodology identifies threat agents that are pursuing objectives which are reasonably attainable and could cause unsatisfactory losses to Intel.

It would be prohibitively expensive and impractical to defend every possible vulnerability. By using a predictive methodology to prioritize specific areas of concern, we can both proactively target the most critical exposures and efficiently apply our resources for maximum results. The TARA methodology identifies which threat agents pose the greatest risk, what they want to accomplish, and the likely methods they will employ. These methods are cross-referenced with existing vulnerabilities and controls to pinpoint the areas that are most exposed. Our security strategy then focuses on these areas to minimize efforts while maximizing effect.

See publication

Tags: Analytics, Cybersecurity, Risk Management

Defense In Depth Strategy Optimizes Security
Intel Corp
September 30, 2008
Matthew Rosenquist of Intel IT has developed a Defense-in-Depth strategy that optimizes security using interlocking predictions, prevention, detection, and response capabilities. We recognize that attackers are human opponents who constantly evolve new tactics and that it would be prohibitively expensive and near impossible to protect against every vulnerability. Our strategy uses prediction to gain insights into the most likely threats, attack methods, and targets. This allows a proactive and efficient focus of resources.

See publication

Tags: Cybersecurity, Innovation, Risk Management

Blog

Opportunities

1 Business
Cybersecurity Strategy Advisement and Event Speaker

Location: Virtual    Date Available: October 01st, 2020    Fees: Negotiable

Submission Date: September 16th, 2020    Service Type: Service Offered

Insights and recommendations on emerging cybersecurity threats, business opportunities, and best practices.

30 years of experience and industry advising to academia, businesses, governments, and audiences across the globe.

Respond to this opportunity

Contact Matthew Rosenquist

Media Kit

Share Profile

Contact Info

  Profile

Matthew Rosenquist

Latest Tweets