Your search keyword '"Kevin Lynn"' showing total 7 results

1. The power of digital twins in the cybersecurity mesh.

Author

McLaughlin, Kevin Lynn

Subjects

DIGITAL twins, INTERNET security, ARTIFICIAL intelligence

Abstract

This article explores the transformative impact of integrating digital twins into the Cybersecurity Mesh, a decentralized security architecture further augmented by artificial intelligence. Beyond serving as digital replicas, digital twins provide real-time analytical capabilities, extending the Mesh's reach from merely identifying to proactively predicting security threats. Dr. McLaughlin examines how this integration enhances real-time monitoring, enables predictive maintenance, and improves incident response, thereby offering a more resilient, adaptive, and holistic approach to cybersecurity. [ABSTRACT FROM AUTHOR]

Published

2023

2. UNLEASHING THE POWER OF MOBILE THREAT HUNTING TOOLKITS: WHY THEY ARE CRUCIAL IN TODAY'S CYBERSECURITY LANDSCAPE.

Author

Mclaughlin, Kevin Lynn and Elliott, Erik S. A.

Subjects

INTERNET security, MERGERS & acquisitions, COMPUTER network security, DATA security

Abstract

This article discusses the importance of mobile threat hunting toolkits in modern cybersecurity, emphasizing their ability to provide efficiency, accuracy, and agility in detecting and mitigating threats. With the rise of advanced technologies, specialized teams focused on threat hunting have become essential for organizations to protect their digital assets and data. The article explores the benefits of threat hunting toolkits, highlighting their comprehensive suite of tools for threat detection, investigation, and response, and their integration with other security technologies and data sources. The article also introduces the PANTHER toolkit, a portable toolkit for threat hunting teams, designed to enhance visibility and security in non-compliant network segments or during M&A processes. Lastly, the article mentions some of the leading vendors in the threat hunting toolkit landscape, as outlined in Gartner's "Market Guide for Threat Hunting," and emphasizes the importance of adopting a proactive approach to cybersecurity to stay ahead of evolving threats. [ABSTRACT FROM AUTHOR]

Published

2023

3. "HARMONIZING THE DIGITAL SYMPHONY: THE ESSENTIAL ROLE OF CYBERSECURITY DETECTION ENGINEERS IN SAFEGUARDING CYBER LANDSCAPES".

Author

McLaughlin, Kevin Lynn

Subjects

INTERNET security, SYMPHONY, ENGINEERS

Abstract

Cybersecurity CDE are the frontline experts, identifying threats and facilitating rapid responses. They are part of a larger team, working alongside the Cybersecurity Operations Center. They provide timely, accurate info on potential threats, helping SOC analysts to prioritize and respond more effectively. They are essential to the success of the team and the broader organization. The path to becoming a proficient Cybersecurity Detection Engineer is an ongoing journey, an endless pursuit of knowledge and skills refinement. This article discusses the job responsibilities, tools and supporting culture for a successful CDE. [ABSTRACT FROM AUTHOR]

Published

2023

4. DEFENSE IS THE BEST OFFENSE: THE EVOLVING ROLE OF CYBERSECURITY BLUE TEAMS AND THE IMPACT OF SOAR TECHNOLOGIES.

Author

McLaughlin, Kevin Lynn

Subjects

TECHNOLOGICAL innovations, INTERNET security, CYBERTERRORISM, TEAMS, COMPUTER crime prevention

Abstract

The article delves into the intricacies, tools, approaches, and tactics utilized by Cybersecurity Blue Teams, as well as the essential planning practices that lay the foundation for successful operations. The effectiveness of Blue Team operations relies on the proficiency of the Blue Team members, who possess an all-encompassing understanding of cybersecurity principles, technologies, and best practices. Moreover, the article accentuates the tactical implementation of cyber defense mechanisms, such as honeypots, honeynets, and decoy systems, to augment an organization's capacity to detect and react to emerging threats. A key aspect of the article is the exploration of how Security Orchestration, Automation, and Response (SOAR) technologies support Blue Teams in enhancing their capabilities. SOAR technologies streamline and automate the response process, enabling Blue Teams to quickly identify, investigate, and remediate threats, thereby reducing the time taken to react and strengthening overall security posture. The article also stresses the significance of continuous improvement and adaptation of strategies and techniques in response to the ever-changing threat landscape and emerging technologies. In addition, the article underlines the cooperative and iterative nature of Blue Teaming operations, ensuring that organizations can efficiently adapt to and alleviate the risks posed by a perpetually evolving cyber environment. By scrupulously documenting and examining instances where the Blue Team effectively thwarts the Red Team's efforts, organizations can cultivate a comprehensive understanding of their security posture and make informed decisions to bolster their defenses. As cyber threats continuously evolve, the role of Cybersecurity Blue Teams is becoming increasingly vital, and organizations that embrace this proactive approach, supported by advanced technologies such as SOAR, will be better prepared to safeguard their critical assets and resist the unyielding barrage of cyber threats. [ABSTRACT FROM AUTHOR]

Published

2023

5. OFFENSE FOR DEFENSE: THE ART AND SCIENCE OF CYBERSECURITY RED TEAMING.

Author

McLaughlin, Kevin Lynn

Subjects

TECHNOLOGICAL innovations, CYBERTERRORISM, INTERNET security, COMPUTER crime prevention, TEAMS, BEST practices

Abstract

The article delves into the methodologies, tools, techniques, and strategies employed in Red Teaming, as well as the planning practices that underpin successful engagements. The success of Red Teaming engagements depends on the expertise of the Red Teamers, who possess a comprehensive understanding of cybersecurity principles, technologies, and best practices. Furthermore, the article highlights the strategic application of cyber deception techniques, such as honeypots, honeynets, and decoy systems, to enhance an organization's ability to identify and respond to emerging threats. The article also emphasizes the importance of the continuous improvement and adaptation of strategies and techniques in response to evolving threats and emerging technologies. In addition, the article underscores the collaborative and iterative approach of Red Teaming engagements, which ensures that organizations can effectively adapt to and mitigate the risks posed by an ever-evolving threat landscape. By meticulously documenting and analyzing instances where the Blue Team successfully intercepts the Red Team's efforts, organizations can develop a comprehensive understanding of their security posture and make informed decisions to enhance their defenses. With the constant evolution of cyber threats, Red Teaming is becoming increasingly important, and organizations that embrace it will be better equipped to protect their critical assets and defend against the relentless onslaught of cyber threats. [ABSTRACT FROM AUTHOR]

Published

2023

6. CYBERSECURITY AND FUSION CENTERS.

Author

McLaughlin, Kevin Lynn

Subjects

INTERNET security, CYBERTERRORISM, COMPUTER crime prevention

Abstract

The complex landscape of cybersecurity demands a simplified approach to facilitate a better understanding of potential risks and threats. Cybersecurity professionals can achieve this through the establishment of a Cybersecurity Security Operations & Fusion Center (CSOFC), which combines the proven capabilities of Security Operations Centers (SOCs) and Fusion Centers. This centralized hub provides a cohesive entity responsible for monitoring, detecting, protecting, and raising awareness of present and resolved cyber threats. The integration of Threat Intelligence Center (TIC) processes and techniques within the CSOFC framework significantly enhances the overall effectiveness of cybersecurity operations. By incorporating TIC methods and Fusion Center integration into the SOC, organizations can better anticipate potential threats and implement proactive measures to protect their digital assets. The key to making this work is integration, which relies on seamless collaboration among various teams and the utilization of state-of-the-art technologies designed for threat detection, analysis, and remediation. The establishment of a CSOFC is a significant step in simplifying the complex landscape of cybersecurity, allowing organizations to take a more proactive and comprehensive approach to cyber defense. [ABSTRACT FROM AUTHOR]

Published

2023

7. SECURING CORPORATE IoT DEVICES: CHALLENGES, STRATEGIES, AND THE ROLE OF AI AND ML IN CYBERSECURITY.

Author

McLaughlin, Kevin Lynn

Subjects

ARTIFICIAL intelligence, INTERNET of things, INTERNET security, AMBIENT intelligence, COMPUTER networks

Abstract

- Dr. Kevin Lynn McLaughlin, PhD As the Internet of Things (IoT) continues to grow and proliferate, it is increasingly clear that IoT devices pose a significant cybersecurity risk to organizations. The rapid proliferation of IoT devices within corporate infrastructures has left organizations more vulnerable than ever to cyberattacks. [Extracted from the article]

Published

2023