Thinkers360

Matthew Rosenquist

Cybersecurity Strategist at Intel Corp

Folsom, United States

975 Followers

Cybersecurity strategist that actively works with the industry to identify emerging risks and opportunities.  Formerly the Cybersecurity Strategist for Intel Corp. with 28 years in the security field. An active keynote speaker at industry events, member on multiple technical and academic advisory boards, and collaborates with the top minds in the cybersecurity industry across business, academia, and governments sectors.  Publishes blogs, whitepapers, and develops industry methodologies.  Was named as a Top 10 Technology Voice in 2018 by LinkedIn and has a very active following of over 180k professionals.   

Matthew is experienced in building world class teams and capabilities, managing security operations, and evangelizing best-practices to the market.  He advises boards, executives, industry groups, tech companies, consumer audiences, and the media on the risks and relevance of cybersecurity issues and how to achieve an optimal level of security.

Matthew RosenquistPoints
Academic0
Author21
Influencer20
Speaker39
Entrepreneur40
Total120

Points based upon Thinkers360 patent-pending algorithm.

Thought Leader Profile

Portfolio Mix

Company Information

Company Type: Enterprise
Business Unit: Technology
Media Experience: 10 Years

Areas of Expertise

AI 30.90
Cryptocurrency
Cybersecurity 52.45
Emerging Technology
Privacy 33.30
IoT 31.97
Leadership 32.17
Risk Management 48
Innovation 35.97
HR 30.50
Analytics 33.11
Fintech 30.89
Big Data 30.58

Industry Experience

High Tech & Electronics

Publications

15 Article/Blogs
Top 10 Things You Should Be Doing to Protect from Cyberattacks
LinkedIn
July 15, 2019
I get asked all the time for a quick answer to the question “How can I protect myself from getting attacked online?”. The simplified answer is to follow these Top 10 best practices.

See publication

Tags: Cybersecurity

Fight for Digital Privacy Rights Continue in Tech-Focused California
LinkedIn
June 27, 2019
The tech heartland of California is the latest battleground for privacy rights. Big tech companies are fighting to dilute upcoming legislation that will require more privacy protections. But is it enough? No! We need even better protections, accountability, and transparency of how our personal data is handled. This is the moment when ethical tech giants can either stand-up to do the right thing by leading the charge for the betterment of their users or lawyer-up to allow hidden practices, abuses, obfuscation, and deniability to continue for their financial gain.

See publication

Tags: Big Data, Cybersecurity, Privacy

Should Exploit Code be Published When Vulnerabilities are Made Public?
linkedin
April 18, 2019
On the heels of a recent report from Kaspersky Labs, discussions among security professionals have been stirred-up regarding the risks of publishing proof-of-concept code that may be helping hackers more than benefiting security. The topic has history and continues to be vigorously debated.

See publication

Tags: Cybersecurity, Privacy

Invitation to Innovators for Voting Technology Security
linkedin
April 15, 2019
Protecting our election infrastructure is crucial, yet security is lacking. Meaningful change starts with the spark of a great idea. I am looking forward to listening to all the excellent concepts for election security at the upcoming event in Sacramento CA. As India is now in the midst of having 900+ million people vote, we too need to figure a way to leverage digital tools for our democracy in a secure, private, trustworthy, and attestable way.

See publication

Tags: Cybersecurity

Role of the CISO: Top 3 Questions
linkedin
February 15, 2019
The role of Chief Information Security Officers (CISO) is evolving and requires a complex skill set. Long perceived as cost center that constrains the business in order to reduce losses from cyberattacks and to meet regulatory compliance, cybersecurity is now transforming into a critical function that must contribute to overall competitiveness.

See publication

Tags: Cybersecurity

Open Letter to the FTC – Bureau of Consumer Protection
linkedin
January 29, 2019
In December 2018 the FTC held hearings on Competition and consumer Protection in the 21st Century. A number of people spoke at the event and the FTC has graciously opened the discussion to public comments. The Federal Trade Commission has interest, certain responsibilities, and can affect changes to how data security evolves. This is our opportunity for the public to share its thoughts and concerns. I urge everyone to comment and provide your viewpoints and expertise to the FTC committee. Comments can be submitted electronically no later than March 13, 2019.

See publication

Tags: Cybersecurity, Privacy

When the Wrong Person Leads Cybersecurity
linkedin
November 19, 2018
Succeeding at managing cybersecurity risks is tremendously difficult even for seasoned professionals. To make situations worse, poorly suited people are often chosen to lead security organizations, bringing about disastrous results. This has contributed to weaker risk postures for organizations and the rapid turnover in cybersecurity leadership.

See publication

Tags: Cybersecurity, Privacy

Technology Transformation for 2019
linkedin
November 15, 2018
Digital technology continues to connect and enrich the lives of people all over the globe and is transforming the tools of everyday life, but there are risks accompanying the tremendous benefits. Entire markets are committed and reliant on digital tools. The entertainment, communications, socialization, and many others sectors are heavily intertwined with digital services and devices that society is readily consuming and embracing. More importantly, the normal downstream model for information has transformed into a bi-directional channel as individuals now represent a vast source of data, both in content as well as telemetry. These and many other factors align to accelerate our adoption and mold our expectations of how technology can make a better world.

See publication

Tags: Cybersecurity, Privacy

Should Companies be Allowed to ‘Hack Back’ after a Cyberattack
linkedin
September 30, 2018
Government officials and experts are weighing in on the concept of ‘hacking back’, the practice of potentially allowing U.S. companies to track down cyber attackers and retaliate.

See publication

Tags: Cybersecurity, Privacy

Beware Friendly Botnets
linkedin
September 18, 2018
The recently discovered Fbot, which finds systems infected with crypto-coin mining malware and scrubs them clean, may seem like a champion of good, but remember it is entering your system without your permission and modifying code and deleting files. We have seen other such ‘cleaner’ worms in the past, and the best advice is to be wary.

See publication

Tags: Cybersecurity, Privacy

“Unhackable” Product Claims are a Fiasco Waiting to Happen
linkedin
August 17, 2018
Those who think that that technology can be made ‘unhackable’, don't comprehend the overall challenges and likely don't understand what 'hacked' means.

See publication

Tags: Cybersecurity, Privacy

Slowing Innovation Should be a Cybersecurity Violation
linkedin
August 04, 2018
Risks come in many forms. Going too fast, being reckless, taking chances, etc. are easy to recognize warning signs. But what about the other end of the spectrum? Is going too slow ever bad? I say yes, especially when it unnecessarily impedes productivity, innovation, operational logistics and intentionally creates frustration of users.

See publication

Tags: Cybersecurity, Privacy

Cybersecurity Fails without Strategy
LinkedIn
July 17, 2018
Building and running a cybersecurity organization is a daunting task and most aren’t doing very well. The brutal reality is that the industry is struggling. Even as gains are made in the professional community, losses are skyrocketing in the face of security spending that is increasing to astronomical levels. Some estimates place losses to cybercrime alone at $6 trillion by 2021, doubling from $3 trillion in 2015, while security spending will top $1 trillion with expected double digit annual growth. These losses exceed the global illegal drug market and the security investment burden increases at an unsustainable rate. Even with massive investments over the years, the world continues to hemorrhage losses due to cyber-attacks. These damages are derived from individual organizations that have failed to erect and maintain viable defenses.

Companies in regulated industries and larger businesses will typically invest in an internal team to actively manage the cyber risks with a Chief Information Security Officer (CISO) at the helm. The current incarnation of the CISO position has not really been in widespread use for very long and the role has radically changed over the years. Where they report within the organization, what background and skills they possess, their overall responsibilities, and the desired experience for which they are hired varies wildly from one CISO to the next. The traditional CISO role focuses on protecting company assets, including preserving reputation, preventing downtime, securing data and financial assets, and ensuring regulatory compliance. But some companies are also using the CISO role as an external marketing ambassador to fuel visibility and drum up customers. So, in today’s world it is a mixed bag. Consequently, security teams are managed very differently and there is a major performance gap that needs to be addressed.

See publication

Tags: Cybersecurity, Leadership, Risk Management

Mylobot Showcases the Evolution of Modern Malware
linkedin
June 21, 2018
The recently discovered Mylobot aggregates 9 sophisticated features, highlighting how advanced malware is evolving. Stealth capabilities make it difficult for security tools to detect and protection aspects preserve its functionality over time.

See publication

Tags: Cybersecurity, Privacy

Cybersecurity Fails without Strategy
linkedin
June 17, 2018
Building and running a cybersecurity organization is a daunting task and most aren’t doing very well. The brutal reality is that the industry is struggling. Even as gains are made in the professional community, losses are skyrocketing in the face of security spending that is increasing to astronomical levels. Some estimates place losses to cybercrime alone at $6 trillion by 2021, doubling from $3 trillion in 2015, while security spending will top $1 trillion with expected double digit annual growth. These losses exceed the global illegal drug market and the security investment burden increases at an unsustainable rate. Even with massive investments over the years, the world continues to hemorrhage losses due to cyber-attacks. These damages are derived from individual organizations that have failed to erect and maintain viable defenses.

See publication

Tags: Cybersecurity, Privacy

1 Influencer Award
LinkedIn Top Voices 2018: Technology
LinkedIn
November 13, 2018
These are the 10 must-know writers and creators explaining everything from artificial intelligence to battling cyber threats.

See publication

Tags: Cybersecurity, Leadership

5 Keynotes
Make America Secure Again - Pitch Event
Inteligenca
May 23, 2019
Cybersecurity innovation at its finest! It was my pleasure to moderate and be a panelist at the Make America Secure Again event in Sacramento, where innovators pitched ideas to strengthen the security of America's digital voting systems.

Protecting our election infrastructure is crucial, yet security is lacking. Meaningful change starts with the spark of a great idea. California again shows how it can reach out to the pool of great innovators to seek a variety of solutions for cybersecurity challenges. We must all work together to find ways of managing cyber risks. Outreach and innovation is key.

See publication

Tags: Cybersecurity, IoT, Leadership

The Verification of Truth: The Future of Digital Forensics and its Role in Cybersecurity
2019 Techno Security and Digital Forensics Conference
March 11, 2019
As the world embraces digital services and automation of critical systems, understanding risk, attributing actions, and deciphering attack methods will be crucial to the proliferation of connected technology. Trust is key, but transparency is greatly obscured. Forensics will grow to become the verification of truth and will play an ever-increasing role in understanding responsibility and controlling the dissemination of Fear, Uncertainty, and Doubt through actuarial data. Let’s explore the new areas, challenges, and opportunities for the bright future of digital forensics

See publication

Tags: Cybersecurity

Cybersecurity Risks and Recommendations – Where Your Focus Needs to Be
http://www.securitysystemsnews.com/blog/psa-tec-wrap
May 10, 2017
Technology convergence across cyber and physical security is driving change. Protection will evolve to include digital security, physical safety, and personal privacy.

See publication

Tags: Cybersecurity

How Cyber-Attacks are Changing the Expectations of Security, Privacy, and Safety
2017 ISC West conference
April 06, 2016
Cyber-attacks are an ever increasing problem that reaches out from the digital domain and into the physical world to impact the security, privacy and safety of people, businesses, and governments. The rapid growth of technology adoption and connectivity are driving new opportunities for attackers at an accelerating rate. The result is a radical shift in expectations by consumers and organizations for more comprehensive solutions, streamlined oversight, and clear accountability.

See publication

Tags: Cybersecurity, Privacy, Risk Management

Diversity in Cybersecurity Education
2016 ICT Educator Conference
January 07, 2016
The cybersecurity industry needs more people with greater diversity to fill the growing number of open positions. Intel is very active with internal corporate diversity efforts, establishing strong pipelines, and investing in diverse partners. Additionally, Intel is contributing to the formalization of cyber science degree standards to align educational programs to market demands.

See publication

Tags: Cybersecurity, HR

2 Panels
Ransomware: The Not-So Good, Really Bad, and Truly Ugly!
SecureWorld
August 18, 2018
RECORDED LIVE ON AUGUST 28, 2018 — WATCH ON-DEMAND
Ransomware is spreading at an alarming pace and infecting networks across all industries and company sizes, primarily through phishing attacks. The cyber criminals behind the attacks are furiously innovating and keeping ahead of defenses. In this web conference, we will have an interactive discussion on the latest in ransomware threats and how to best protect your organization and yourself against this growing threat.

This session will educate attendees about the newest features of ransomware strains designed to evade detection and spread in new and creative ways. It will also cover recent attacks and how the victim organizations could have better protected themselves.

The session will examine:
• Current phishing trends
• Ransomware and how it is infecting networks
• Effective mitigation strategies
• Recovering from an attack

See publication

Tags: Cybersecurity

Harnessing Cyber-Physical Security Technologies
Cyber: Secured Forum (cybersecuredforum.com)
June 05, 2018
A great panel discussion, led by Ray Coulombe of Security Specifiers, with Donal Keating from Microsoft and Jeff Crume of IBM. As the audience is a strong mix of both physical and cyber security professionals, we will discuss how the convergence of technology across both domains will rapidly change to open up new opportunities and risks. Expect topics around Internet-of-Things (IoT), Artificial Intelligence (AI), and blockchain to be discussed by the panel and open questions from the audience.

See publication

Tags: AI, Cybersecurity, IoT

1 Patent
Hardware-generated dynamic identifier
US Patent Office
June 29, 2017
In an example, there is disclosed an electronic apparatus, comprising: a hardware-encoded internal private key; and one or more logic elements comprising a key generation engine to: receive an third-party key; and operate on the third-party key and the internal private key to generate a hardware-generated dynamic identifier (HGDI). There is also disclosed a method of providing an HGDI engine, and one or more computer-readable mediums having stored thereon executable instructions for providing an HGDI.

See publication

Tags: Cybersecurity, Innovation

1 Podcast
SuperDataScience Podcast - SDS 273: Predict, Prevent, Detect: Cyber Security
SuperDataScience.com
June 26, 2019
In this episode of the SuperDataScience Podcast, I chat with Matthew Rosenquist, one of the top leading world experts in the space of cybersecurity. You will learn what balance in cybersecurity means and what the dark web is. You will hear how Matthew's career developed and how he thinks about the strategy of cybersecurity. You will also learn about the valuable role of data science in cybersecurity and the steps you can take to get into this space.

If you enjoyed this episode, check out show notes, resources, and more at www.superdatascience.com/273

See publication

Tags: AI, Analytics, Cybersecurity

4 Speaking Engagements
Evolving Risks of Cybercrime with Matthew Rosenquist podcast
https://evolveetfs.com/podcasts/
June 07, 2019
Interviewed by Raj Lala, the CEO at Evolve ETFs in his podcast The Innovators Behind Disruption. In the
"Evolving Risks of Cybercrime with Matthew Rosenquist" episode, we covered a number of interesting topics, including the growing challenges in cybersecurity, rise in cybercrime, challenges of ransomware, what governments are worried about, and how to protect yourself.

See publication

Tags: Cybersecurity, Fintech, Risk Management

Cyber/Physical Convergence
2017 InfraGard Atlanta conference
January 18, 2017
Matthew Rosenquist's presentation at the 2017 InfraGard Atlanta conference, discussing the convergence between cyber and physical security.

See publication

Tags: Cybersecurity, Risk Management

The True Cost of Data Breaches - Not Just a Dollar per Record
CyberEd.io
March 22, 2016
When an organization suffers a data breach, a number of challenges, impacts, and business decisions contribute to the total of all the associated costs. The scope extends beyond a fixed dollar-per-stolen-record calculation, as it invariably includes expenditures for new security measures, legal fees, third-party forensic services, changes to business processes, as well as a loss of reputation and customer goodwill.

There is a complex set of chain reactions which occur after every significant data breach, each adding its own contribution to the overall cost and business impact.

In this session we'll discuss some real-world experiences regarding data breaches, how the costs exceed the typical dollar-per-record measure, and how organizations are adapting to learn from their experiences. We will also examine what the future holds, as attackers adapt and shift towards new data manipulation methods.

See publication

Tags: Cybersecurity, Risk Management

Upgrading to an APT-Capable Defense: Where To Start, How To Get Funding And See Immediate Reduction In Risk
Cybered.io
February 26, 2016
A complete defense cannot be deployed overnight. There are multiple people, process and technology components to consider and implement. In this session, we will help identify where and how resources can be focused to have the biggest immediate risk reduction, discuss lessons learned from real-world deployments and learn how to gain executive sponsorship of the program as a whole, to build momentum and help guarantee success.

See publication

Tags: Cybersecurity

1 Whitepaper
Prioritizing Information Security Risks with Threat Agent Risk Assessment
Intel Corp
January 05, 2010
Matthew Rosenquist, while at Intel Corp developed a threat agent risk assessment (TARA) methodology that distills the immense number of possible information security attacks into a digest of only those exposures most likely to occur. This methodology identifies threat agents that are pursuing objectives which are reasonably attainable and could cause unsatisfactory losses to Intel.

It would be prohibitively expensive and impractical to defend every possible vulnerability. By using a predictive methodology to prioritize specific areas of concern, we can both proactively target the most critical exposures and efficiently apply our resources for maximum results. The TARA methodology identifies which threat agents pose the greatest risk, what they want to accomplish, and the likely methods they will employ. These methods are cross-referenced with existing vulnerabilities and controls to pinpoint the areas that are most exposed. Our security strategy then focuses on these areas to minimize efforts while maximizing effect.

See publication

Tags: Analytics, Cybersecurity, Risk Management

Blog

Opportunities

Media Kit

Share Profile

Contact Info

  Profile

Matthew Rosenquist