On Wednesday, February 5th, six highly intelligent cybersecurity experts joined together at the Cybersecurity Forum for the Delaware Bankers Association (DBA).
The DBA supports the financial institutes in their state with education, information sharing and access to state government officials. This event was their annual Cybersecurity Forum for 2020. It is an in-person event where the DBA brings cybersecurity experts to share knowledge and a panel discussion of the issues facing the financial sector and the nation. The six cybersecurity experts mentioned are named top in the region. During the forum, these experts discussed the latest issues pertaining to cloud security for financial institutions which included methods, controls, challenges, and best practices.
About 150 people attended the 1/2 day event. Sarah Long, the DBA CEO and President, expressed how critical of a topic this event covered.
In her opening remarks she shared that “no other issue affects more of our members; from the largest banks that are ‘too big to fail’ through to the smallest community banks that provide vital local services, cybersecurity presents equal risks to them all.” She is very appreciative of the experts participation and offered to connect with them for any future events the DBA hosts that are cyber related.
One common theme among many of the attendees of this event was that they struggle to move beyond basic cybersecurity hygiene in their cybersecurity “journey”.
They appreciated the collective discussions around the other aspect of cybersecurity that they can reinforce in their organizations. Some of those ideas included: 1)The need for a security culture from top to bottom 2)Taking advantage of the full set of security capabilities included in the products they already use. We noted that on average, companies use around 50% of the security capabilities that are included in products companies have in use. The example of this was a discussion about Office 365 “O365” where Lawrence Cruciana, Corporate Information Technologies, was able to quickly point some of the harder to find security capabilities, such as email authentication (DMARC and DKIM), impossible travel and MFA for administrators. Panelists expressed appreciation for CIT’s attendance and expertise in highly related and applicable fields.
Now, let’s meet the cybersecurity experts:
Harry Perper: Chief Engineer, The MITRE Corporation, National Cybersecurity FFRDC, National Cybersecurity Center of Excellence→ Currently the Chief Engineer at NIST’s National Cybersecurity Federally Funded Research & Development Center (FFRDC), Mr. Perper provides quality oversight across dozens of cybersecurity lab projects and influences the FFRDC’s forward-looking research investment opportunities. Harry also helps guide more than 40 cybersecurity engineers as they work through the development of cybersecurity reference designs and lab implementations at NIST’s National Cybersecurity Center of Excellence (NCCoE). In Harry’s recent years, he worked in the telecommunications industry in operations, engineering, and marketing. Harry eventually moved up to work for MITRE’s Center for National Security where he focused on evaluating a range of cyber technologies for the U.S. Department of Defense.
Richard Mroz: Senior Advisor, State and Government Relations→ Known for being one of the leading advocates in securing the grid from both cyber and physical attacks, Mr. Mroz is the immediate past President of the New Jersey Board of Public Utilities and was nominated by former Gov. Chris Christie in 2014. While Mr. Mroz was also a member of the National Association of Regulatory Utility Commissioners (NARUC), he served as chairman of the NARUC Committee on Critical Infrastructure. Richard Mroz is a thought leader on issues the Committee regularly addresses including cyber security, workforce development, and infrastructure improvements in all industries.
Lawrence Cruciana: Chief Systems Engineer, Corporate Information Technologies→ The founder and President of Corporate Information Technologies (CIT), Mr. Cruciana leads CIT’s cybersecurity business practice, focusing on business that handle high-value and regulated information. His current areas of research involve improving the information security posture and self-detection capabilities of potential security breaches within smaller fintech/financial organizations. This work has created technology which reduces the time between security breach and detection by over 97%. With over 20 years of Information Technology experience in regulated enterprise businesses and as a Managed IT Services Provider (“MSP”), Mr. Cruciana brings a unique insight on whole-ecosystem information risk, third-party access management, IT systems design best-practices, and the IT operational challenges encountered by businesses across a wide variety of industries.
George Mach: CISSP, CEO, Counteract Cybersecurity Group→ A seasoned IT executive and CISSP with 20+ years of expertise, Mr. Mach helps regulated and non-regulated small, mid-market and enterprise companies accomplish business objectives, minimize risk and simplify security strategies through secure managed services programs and professional IT and cybersecurity consulting.
Robert Nicholson: Solutions Integrator, Department of Technology and Information, Army Reserves→ With over 20 years of experience in science, technology and innovation in the military, state government and private industry, Mr. Nicholson is currently focused on research and strategy at the Delaware Department of Technology and Information, as well as his Navy Reserve assignment with the Office of Naval Research.
Dr. James B. Fraley: CISSP, PMP Chair, MS-IST Information Assurance→ Most recently served as a Senior Director for McAfee Global Professional Services, Dr. Fraley engaged senior leadership throughout the Fortune 2000 and Governments to propose and implement advanced cyber security operational architectures and advanced threat intelligence solutions. He had the additional duty of being the Senior Threat Intelligence Strategist for McAfee’s Advanced Programs Group (APG). Dr. Fraley serves as the industry chair the Common Lexicon for Cyber Threat Attribution Working Group for the Department of Homeland Security’s Critical Infrastructure Partnership Advisory Council (CIPAC). CIPAC is aligned with and supports the implementation of the National Infrastructure Protection Plan for the President of the United States. As the CTA Chair, Dr. Fraley works with Government, Law Enforcement and Industry to promote and share cyber threat intelligence for protection and advanced detection.
If you would like to know more about cybersecurity and how to prevent it . . . Don’t Gamble With Your Security
Corporate Information Technologies provides small to mid-market organizations with expert I.T. services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. Corporate Information Technologies can help organizations, quantify, create, refine, and mitigate the risks presented by business threatening disasters in whatever form they may be disguised.
Contact us to learn more. Don’t Gamble With Your Security