My Pursuit Intensifies to Secure Digital Technology
linkedin
April 01, 2020
For over 30 years I have continually sought-out new professional challenges, been enticed at opportunities to overcome near-impossible obstacles, and have taken on new roles to further the cybersecurity industry.
See publication
Tags: Cybersecurity, Privacy
Cryptocurrency Fraud Reached $4.3 Billion in 2019
LinkedIn
February 18, 2020
Cryptocurrency fraud is aggressively on the rise and topped over $4 billion last year and is shocking to those who thought they had found an incredible investment in the cryptocurrency world, yet were swindled out of everything.
See publication
Tags: Cryptocurrency, Cybersecurity
There is No Easy Fix to AI Privacy Problems
Semiwiki.com
February 08, 2020
Artificial intelligence – more specifically, the machine learning (ML) subset of AI - has a number of privacy problems.
See publication
Tags: AI, Cybersecurity, Privacy
Avast Shuts Down its Data Sales Subsidiary Due to Privacy Backlash
CISO Platform
January 31, 2020
Avast was recently caught selling user's web browsing data. Shortly thereafter the CEO made an apology and announced they were ceasing the Jumpshot data collection activities and winding down company operations. It is time that privacy regulations improve. This situation is playing out again and again for freemium type services and only hints at the greater problem.
See publication
Tags: Big Data, Cybersecurity, Privacy
Privacy Day – Yes it Matters More than You Might Think
LinkedIn
January 28, 2020
Privacy matters to everyone! In fact, more than most people realize. It underpins the very nature of liberty and is a key pillar for online security. Celebrate Privacy Day, with a little more effort in protecting your personal data and supporting a digital world that respects privacy.
See publication
Tags: Cybersecurity, Privacy
Lessons from Microsoft’s 250 million data record exposure
HelpNetSecurity
January 24, 2020
Microsoft has one of the best security teams and capabilities of any organization in the technology industry, yet it accidentally exposed 250 million customer records in December 2019. As a former cyber incident commander for a major technology corporation, I can see a number of important lessons to be learned.
See publication
Tags: Cybersecurity, Leadership
There is no easy fix to AI privacy problems
HelpNetSecurity
January 23, 2020
Artificial intelligence – more specifically, the machine learning (ML) subset of AI – has a number of privacy problems.
See publication
Tags: AI, Cybersecurity, Privacy
Banks are Developing Digital Currencies and Opening Themselves to Cyber Risk
LinkedIn
December 31, 2019
Cybersecurity will be hard pressed to take on the new challenges of bank managed digital currencies. Banks are developing their own digital currencies. The introduction of Central Bank Digital Currencies (CBDC) is the beginning of an interesting trend that will change the cybersecurity dynamic for banking as it opens up an entirely new threat landscape.
See publication
Tags: Blockchain, Cybersecurity, Fintech
The 7 most dangerous digital technology trends
HelpNetSecurity
December 10, 2019
As our world embraces a digital transformation, innovative technologies bring greater opportunities, cost efficiencies, abilities to scale globally, and entirely new service capabilities to enrich the lives of people globally. But there is a catch. For every opportunity, there is a risk.
See publication
Tags: AI, Cybersecurity, Privacy
Cryptocurrency Exchange Hacks are on the Rise
Medium
December 09, 2019
Seven major cryptocurrency exchanges were victimized in 2019, totaling over $160 million in financial theft. As predicted, cybercriminal hackers targeted crypto exchanges in 2019 and the trend will continue into 2020.
See publication
Tags: Cryptocurrency, Cybersecurity, Privacy
Hackers Scan Massive Docker Instances to Mine Crypto
LinkedIn
November 27, 2019
Hackers are at it again, looking for vulnerable Docker instances so they can selfishly mine Monero.
See publication
Tags: Cryptocurrency, Cybersecurity
AI Based Defensive Systems Impact on Cybercriminal Strategy
PenTest Magazine
November 08, 2019
Good guys are working at a fever pitch to create pre-emptive adversarial attack models to find AI vulnerabilities. But threat actors are working just as fast to develop threats and have the resources (aka money) to build powerful cyber weapons. Who will win this race against time?
Some of California’s top security minds came together during National Cybersecurity Awareness Month to discuss the role of Artificial Intelligence (AI) in cybersecurity. Leading experts from both the private and public sectors joined our Inteligenca Cyber Salon to discuss both the promise and concern about AI. No doubt we heard during this talk that AI is controversial.
See publication
Tags: AI, Cybersecurity, Risk Management
Hacking Phones: How law Enforcement is Saving Privacy
DarkReading
October 30, 2019
In the battle between privacy and security, technology can bridge the gap allowing a healthy balance. We must not fear technology, but rather purposefully wield it in better ways with clear goals of benefits and limitations for abuse.
Here is my latest article, posted on Dark Reading, discussing one such path that may raise concerns with privacy advocates at first glance, but could result in a strategic win for everyone's privacy and security, except criminals.
See publication
Tags: Cybersecurity, Govtech, Privacy
Major Drone Attack Against Global Oil Production Showcases Weak Cybersecurity Thinking
LinkedIn
September 16, 2019
We are entering a new era for conflict that brings with it a synthesis of cyber and physical security that increases global safety risks. Attacks with connected technology, Internet-of-Things (IoT) devices, and Industrial IoT components are ramping up, now attaining levels with serious consequences. The cybersecurity industry is not prepared. It is time we revisit the deeper discussion of converged cybersecurity!
See publication
Tags: Cybersecurity, Digital Transformation, IoT
Criminals Luring in Bitcoin Sellers to Launder Money
LinkedIn
September 13, 2019
With the lure of big cash rewards, cybercriminals are luring-in the bitcoin community to become money laundering mules. This does not end well for anyone except the criminals.
See publication
Tags: Cryptocurrency, Cybersecurity, Social
Matthew Rosenquist Joins the Eclipz Advisory Board to make the World of Connected Data More Secure
LinkedIn
September 04, 2019
I am excited to announce that I am joining the Advisory Board of Eclipz! Such a great team working to make the connected world of data more secure across devices, services and even between untrusted endpoints.
See publication
Tags: Cybersecurity, Emerging Technology, Startups
NATO’s Collective Defense for Cyber Attack Remains Fragile
LinkedIn
September 03, 2019
NATO is far from implementing "collective defense" for cyber-attacks. Much work is still to be done before Article 5 is an effective deterrent.
See publication
Tags: Cybersecurity, Govtech, Leadership
Cryptocurrencies Should be Enabled to Blacklist Criminal Holdings
LinkedIn
August 28, 2019
Cryptocurrencies like Bitcoin are heavily targeted and exploited by cybercriminals. There may be something that can be done to assist law enforcement in revocating illicit assets, aid victims, and still preserve the fierce independence autonomy of public blockchain cryptocurrencies.
See publication
Tags: Cryptocurrency, Cybersecurity, Innovation
Do Not Pay Ransomware – A Lesson for Municipalities
Medium
August 19, 2019
Ransomware is getting worse, in part because victims are paying. Poor decisions of certain municipalities is having an impact on their peers. Stop paying criminals! They will be back, stronger than before.
See publication
Tags: Cybersecurity, Govtech
Joining the Advisory Board for the Techno Security & Digital Forensics Conference
LinkedIn
August 15, 2019
I am excited to announce I have accepted a position on the Techno Security & Digital Forensics Conference Advisory Board. I am honored to be part of this team to help drive education, awareness, training, and ethics across the digital forensics and cybersecurity industries.
See publication
Tags: Cryptocurrency, Cybersecurity, Digital Transformation
Binance Cryptocurrency Exchange Refuses to Pay Blackmailers Over a Possible Data Breach
LinkedIn
August 08, 2019
A blackmailer attempted to extort $3.5 million from the Binance cryptocurrency exchange, stating they would release confidential KYC (Know Your Customer) data. Binance has refused to pay the demands and is working with law enforcement to track down the cyber criminals.
See publication
Tags: Cryptocurrency, Cybersecurity, Privacy
Insider Threats in the Digital World are Sinister
LinkedIn
August 07, 2019
The compromise of AT&T is another example of the serious risks posed by insider threats. In this case an external attacker leverages the access and authority of internal people through bribes. Especially in digital environments, trusted insiders have incredible potential to do harm, cause disruption, and undermine trust. They are the submerged part of the cyber risk iceberg that we all must deal with.
See publication
Tags: Cybersecurity, Risk Management
Does Home Depot Respect Customer Privacy?
LinkedIn
July 29, 2019
Raising an issue with the privacy practices at HomeDepot. Why are they unnecessarily gathering personal information of its customers? A privacy savvy community should raise and amplify such issues to drive change.
See publication
Tags: Customer Experience, Cybersecurity, Privacy
Cryptocurrency Exchanges are Cyber Hackers Next Targets
LinkedIn
July 22, 2019
Where will online criminal hackers look next? Cryptocurrency. There are already hacks going on, but this will ramp up significantly as some of the more highly competent criminals are targeting cryptocurrency exchanges.
See publication
Tags: Cryptocurrency, Cybersecurity, Risk Management
Top 10 Things You Should Be Doing to Protect from Cyberattacks
LinkedIn
July 15, 2019
I get asked all the time for a quick answer to the question “How can I protect myself from getting attacked online?”. The simplified answer is to follow these Top 10 best practices.
See publication
Tags: Cybersecurity
Fight for Digital Privacy Rights Continue in Tech-Focused California
LinkedIn
June 27, 2019
The tech heartland of California is the latest battleground for privacy rights. Big tech companies are fighting to dilute upcoming legislation that will require more privacy protections. But is it enough? No! We need even better protections, accountability, and transparency of how our personal data is handled. This is the moment when ethical tech giants can either stand-up to do the right thing by leading the charge for the betterment of their users or lawyer-up to allow hidden practices, abuses, obfuscation, and deniability to continue for their financial gain.
See publication
Tags: Big Data, Cybersecurity, Privacy
Should Exploit Code be Published When Vulnerabilities are Made Public?
linkedin
April 18, 2019
On the heels of a recent report from Kaspersky Labs, discussions among security professionals have been stirred-up regarding the risks of publishing proof-of-concept code that may be helping hackers more than benefiting security. The topic has history and continues to be vigorously debated.
See publication
Tags: Cybersecurity, Privacy
Invitation to Innovators for Voting Technology Security
linkedin
April 15, 2019
Protecting our election infrastructure is crucial, yet security is lacking. Meaningful change starts with the spark of a great idea. I am looking forward to listening to all the excellent concepts for election security at the upcoming event in Sacramento CA. As India is now in the midst of having 900+ million people vote, we too need to figure a way to leverage digital tools for our democracy in a secure, private, trustworthy, and attestable way.
See publication
Tags: Cybersecurity
Role of the CISO: Top 3 Questions
linkedin
February 15, 2019
The role of Chief Information Security Officers (CISO) is evolving and requires a complex skill set. Long perceived as cost center that constrains the business in order to reduce losses from cyberattacks and to meet regulatory compliance, cybersecurity is now transforming into a critical function that must contribute to overall competitiveness.
See publication
Tags: Cybersecurity
Open Letter to the FTC – Bureau of Consumer Protection
linkedin
January 29, 2019
In December 2018 the FTC held hearings on Competition and consumer Protection in the 21st Century. A number of people spoke at the event and the FTC has graciously opened the discussion to public comments. The Federal Trade Commission has interest, certain responsibilities, and can affect changes to how data security evolves. This is our opportunity for the public to share its thoughts and concerns. I urge everyone to comment and provide your viewpoints and expertise to the FTC committee. Comments can be submitted electronically no later than March 13, 2019.
See publication
Tags: Cybersecurity, Privacy
When the Wrong Person Leads Cybersecurity
linkedin
November 19, 2018
Succeeding at managing cybersecurity risks is tremendously difficult even for seasoned professionals. To make situations worse, poorly suited people are often chosen to lead security organizations, bringing about disastrous results. This has contributed to weaker risk postures for organizations and the rapid turnover in cybersecurity leadership.
See publication
Tags: Cybersecurity, Privacy
Technology Transformation for 2019
linkedin
November 15, 2018
Digital technology continues to connect and enrich the lives of people all over the globe and is transforming the tools of everyday life, but there are risks accompanying the tremendous benefits. Entire markets are committed and reliant on digital tools. The entertainment, communications, socialization, and many others sectors are heavily intertwined with digital services and devices that society is readily consuming and embracing. More importantly, the normal downstream model for information has transformed into a bi-directional channel as individuals now represent a vast source of data, both in content as well as telemetry. These and many other factors align to accelerate our adoption and mold our expectations of how technology can make a better world.
See publication
Tags: Cybersecurity, Privacy
Should Companies be Allowed to ‘Hack Back’ after a Cyberattack
linkedin
September 30, 2018
Government officials and experts are weighing in on the concept of ‘hacking back’, the practice of potentially allowing U.S. companies to track down cyber attackers and retaliate.
See publication
Tags: Cybersecurity, Privacy
Beware Friendly Botnets
linkedin
September 18, 2018
The recently discovered Fbot, which finds systems infected with crypto-coin mining malware and scrubs them clean, may seem like a champion of good, but remember it is entering your system without your permission and modifying code and deleting files. We have seen other such ‘cleaner’ worms in the past, and the best advice is to be wary.
See publication
Tags: Cybersecurity, Privacy
“Unhackable” Product Claims are a Fiasco Waiting to Happen
linkedin
August 17, 2018
Those who think that that technology can be made ‘unhackable’, don't comprehend the overall challenges and likely don't understand what 'hacked' means.
See publication
Tags: Cybersecurity, Privacy
Slowing Innovation Should be a Cybersecurity Violation
linkedin
August 04, 2018
Risks come in many forms. Going too fast, being reckless, taking chances, etc. are easy to recognize warning signs. But what about the other end of the spectrum? Is going too slow ever bad? I say yes, especially when it unnecessarily impedes productivity, innovation, operational logistics and intentionally creates frustration of users.
See publication
Tags: Cybersecurity, Privacy
Cybersecurity Fails without Strategy
LinkedIn
July 17, 2018
Building and running a cybersecurity organization is a daunting task and most aren’t doing very well. The brutal reality is that the industry is struggling. Even as gains are made in the professional community, losses are skyrocketing in the face of security spending that is increasing to astronomical levels. Some estimates place losses to cybercrime alone at $6 trillion by 2021, doubling from $3 trillion in 2015, while security spending will top $1 trillion with expected double digit annual growth. These losses exceed the global illegal drug market and the security investment burden increases at an unsustainable rate. Even with massive investments over the years, the world continues to hemorrhage losses due to cyber-attacks. These damages are derived from individual organizations that have failed to erect and maintain viable defenses.
Companies in regulated industries and larger businesses will typically invest in an internal team to actively manage the cyber risks with a Chief Information Security Officer (CISO) at the helm. The current incarnation of the CISO position has not really been in widespread use for very long and the role has radically changed over the years. Where they report within the organization, what background and skills they possess, their overall responsibilities, and the desired experience for which they are hired varies wildly from one CISO to the next. The traditional CISO role focuses on protecting company assets, including preserving reputation, preventing downtime, securing data and financial assets, and ensuring regulatory compliance. But some companies are also using the CISO role as an external marketing ambassador to fuel visibility and drum up customers. So, in today’s world it is a mixed bag. Consequently, security teams are managed very differently and there is a major performance gap that needs to be addressed.
See publication
Tags: Cybersecurity, Leadership, Risk Management
Mylobot Showcases the Evolution of Modern Malware
linkedin
June 21, 2018
The recently discovered Mylobot aggregates 9 sophisticated features, highlighting how advanced malware is evolving. Stealth capabilities make it difficult for security tools to detect and protection aspects preserve its functionality over time.
See publication
Tags: Cybersecurity, Privacy
Cybersecurity Fails without Strategy
linkedin
June 17, 2018
Building and running a cybersecurity organization is a daunting task and most aren’t doing very well. The brutal reality is that the industry is struggling. Even as gains are made in the professional community, losses are skyrocketing in the face of security spending that is increasing to astronomical levels. Some estimates place losses to cybercrime alone at $6 trillion by 2021, doubling from $3 trillion in 2015, while security spending will top $1 trillion with expected double digit annual growth. These losses exceed the global illegal drug market and the security investment burden increases at an unsustainable rate. Even with massive investments over the years, the world continues to hemorrhage losses due to cyber-attacks. These damages are derived from individual organizations that have failed to erect and maintain viable defenses.
See publication
Tags: Cybersecurity, Privacy
Cybersecurity Issues and Trends - Interview with CybxSecurity
CybxSecurity.com
March 24, 2020
My recent interview with Mark Byrne, from Cybx Security, covered a great range of cybersecurity questions, including new threats and solutions, Artificial Intelligence, DevSecOps, cybercrime, security impacts of Coronavirus, and the future of cybersecurity.
See publication
Tags: Cybersecurity, Leadership, Risk Management
The Entanglement of AI and Cybersecurity Podcast
linkedin
March 10, 2020
The boundaries of cybersecurity will be manipulated by the advances in Artificial Intelligence, the evolution of digital threats, and on ever-adapting leadership.
I had a great time being interviewed by Vaishali Lambe [Lisha] in her podcast SoLeadSaturday because we talked about how cybersecurity and AI are intertwined, how leadership is crucial, and the fact that technology tools are being used for both good and malicious purposes. The growing demands for a security-savvy workforce led us to explore the vast opportunities in the field. Emerging factors magnify the interesting swirls of competing challenges. To cap the discussion, we visualized the future of the industry and discussed the risks.
See publication
Tags: AI, Cybersecurity, Leadership
Past and Future Challenges for Security: ThinkTech Interviews Cybersecurity Strategist Matthew Rosenquist
ThinkTech: Hawaii
December 10, 2019
A look back at some of the missteps in 2019 across the convergence of cyber and physical security, with discussions on what challenges are ahead for the next year.
Thanks to Andrew Lanning for hosting me as a guest on the ThinkTech livestream show! Great questions and unscripted dialog about the evolving risks and opportunities of Artificial Intelligence, privacy, cybercrime, automation, and connected devices. Security matters!
Watch on YouTube: https://youtu.be/KQjuHVc3lbM
See publication
Tags: AI, Cybersecurity, Privacy
Thinkers360 Predictions Series – 2020 Predictions for Cybersecurity
Thinkers360
November 25, 2019
Having recently published our Top 50 Global Thought Leaders and Influencers on Cybersecurity, we asked a selection of our Thinkers360 global influencers about their predictions for Cybersecurity in 2020. Here’s what they told us…
See publication
Tags: Cybersecurity, Digital Transformation, Predictive Analytics
Humans, complacency, ignorance delay AV deployment
EEWeb
November 05, 2019
We have a long way to go before we see autonomous vehicles on the roads in any number
Is the autonomous vehicle (AV) going to be widely distributed in our lifetimes? Sure, just as soon as you eliminate human involvement, complacency and ignorance (was that repetitive?) from development. Until then, AVs are just going to be a rarity on the roads.
See publication
Tags: AI, Cybersecurity, Emerging Technology
Winning the security fight: Tips for organizations and CISOs
HelpNetSecurity
October 09, 2019
For large organizations looking to build a robust cybersecurity strategy, failure to get the fundamentals in place practically guarantees a disaster. If you ask Matthew Rosenquist, a former Cybersecurity Strategist for Intel (now independent), overcoming denial of risk, employing the right cybersecurity leader, and defining clear goals are the three most critical objectives for avoiding a negative outcome.
See publication
Tags: Cybersecurity, Leadership, Risk Management
SuperDataScience Podcast - SDS 273: Predict, Prevent, Detect: Cyber Security
SuperDataScience.com
June 26, 2019
In this episode of the SuperDataScience Podcast, I chat with Matthew Rosenquist, one of the top leading world experts in the space of cybersecurity. You will learn what balance in cybersecurity means and what the dark web is. You will hear how Matthew's career developed and how he thinks about the strategy of cybersecurity. You will also learn about the valuable role of data science in cybersecurity and the steps you can take to get into this space.
If you enjoyed this episode, check out show notes, resources, and more at www.superdatascience.com/273
See publication
Tags: Analytics, AI, Cybersecurity
Evolving Risks of Cybercrime with Matthew Rosenquist
podcasts.apple.com
June 07, 2019
The Innovators Behind DISRUPTION - Episode 27 by Evolve ETFs
Evolving Risks of Cybercrime with Matthew Rosenquist
- Growing systemic challenges in cybersecurity
- How the public sector can protect itself from cybercrime
- The NSA and its role in the recent Baltimore ransomware attack
- Opinions on Baltimore’s decision not to pay their cyber attackers
- CEOs recognizing cybersecurity as a major business risk
- Cybersecurity demand and spend
- Government concerns about cyber threats
- Advice on how to protect yourself from cyber attacks
See publication
Tags: Cybersecurity, Risk Management
Don't trust a company to keep you safe
Podcasts.apple.com
March 12, 2019
Interview of Matthew Rosenquist, Cybersecurity Strategist. Podcast by Lou Covey
A range of topics, including nation state attacks, data breaches, ransomware, Artificial Intelligence, dark web, and the perception of perfect security
See publication
Tags: AI, Cybersecurity, Privacy
Matthew Rosenquist Joins the Eclipz Advisory Board to make the World of Connected Data More Secure
Matthew Rosenquist Joins the Advisory Board for the Techno Security & Digital Forensics Conference
Contributing to the SIA Education @ ISC Advisory Board
Joint Task Force on Cybersecurity Education
Honored to Join the HMG CISO Advisory Board!
Brandeis University Graduate Professional Studies Advisory Board Member
Top Writer in Privacy by Medium
2019 ADA award for Outstanding Leadership in Protecting People’s Information
LinkedIn Top Voices 2018: Technology
Make America Secure Again - Pitch Event
The Verification of Truth: The Future of Digital Forensics and its Role in Cybersecurity
Cybersecurity Risks and Recommendations – Where Your Focus Needs to Be
How Cyber-Attacks are Changing the Expectations of Security, Privacy, and Safety
Diversity in Cybersecurity Education
Modern Successful SOC & Artificial Intelligence round-table
Shared Pain Points & Opportunities for Secure Smart Cities
Ransomware: The Not-So Good, Really Bad, and Truly Ugly!
Harnessing Cyber-Physical Security Technologies
Hardware-generated dynamic identifier
Evolving Risks of Cybercrime with Matthew Rosenquist podcast
Cyber/Physical Convergence
The True Cost of Data Breaches - Not Just a Dollar per Record
Upgrading to an APT-Capable Defense: Where To Start, How To Get Funding And See Immediate Reduction In Risk
McAfee Labs 2017 Threats Predictions
Prioritizing Information Security Risks with Threat Agent Risk Assessment