Leveraging research to stay ahead of today’s threat landscape
The mission of Nonstop Notary of Georgia & Cyber Threat Research Center is to research deficiencies and abnormalities in protecting the security and integrity of cloud-based (hybrid) development, Internet of Things (IoT) and wearable device technology, using past and current cybersecurity incidents as a baseline. Our goal is the design of diverse, next-generation resilient protections, providing consultation that drives critical vulnerabilities to remediation and security SMEs who respond to and manage security findings.
The Cyber Threat Research Center (dept. IoT Security) is under the direction of the Senior Cybersecurity Researcher. The Center’s research and development infrastructure, as it relates to cybersecurity, is supported by a diverse team of certified professionals and security subject matter experts who are inspired by emerging technologies and challenges (e.g., multi-cloud computing services, third-party and supply chain attacks, Internet of Things (IoT) and autonomous systems, and smart health devices). The team uses research to remain resolute and resilient and to foster ongoing curiosity about lengthy dwell times, cloud-based storage environments, vulnerability management, compliance regulation and IT security frameworks (i.e., NIST, HIPAA, PCI-DSS, SOX and FISMA), defense-in-depth security design analysis, and wearable device technology. Research activities are expressed in the form of blog posts, publications, research papers, podcasts, partnerships and collaborations, etc.
One unremarkable discovery is the documentation of exit strategies for intentional vulnerabilities, Data Breach Investigations Reports (DBIRs) and the Federal IG Reports. Exit summaries (i.e., lessons learned, audit reports and NIST’s post-activity report) are critical pieces of information to be used immediately rather than left waiting in the wings. Exit summaries are somewhat synonymous with Shift-Left Testing: the work is moved, or shifted (reused), earlier in the software development lifecycle. The three R’s of recycling are reduce, reuse and recycle. An Italian proverb says, “When a man deceives me once, it is his fault; when it is twice, it is mine.” According to Lawrence Miller and Torsten George, co-authors of Zero Trust Privilege For Dummies, the low-hanging fruit for cyber criminals is weak, default, stolen and compromised credentials. Other low-hanging fruit that gets exploited includes email, misconfigurations, expired certificates, whaling and information leakage. There are 86,400 seconds in a day. If you have more than 500 computers connecting to a single organization, a targeted attack is all but guaranteed at least every 90 seconds.
Longer dwell times are responsible for the exfiltration of data on millions, if not billions, of accounts. Dwell time describes the amount of time a malicious cyber incident goes undetected in an environment. Dwell time explicitly aids advanced persistent threats (APTs). Dwell time becomes a tsunami if an incident is not detected within 5 days. According to the M-Trends 2018 report, the median of 80 days dropped to 57.5 days in 2017, while the actual global median dwell time is 101 days.
The Senior Cybersecurity Researcher oversees the management and operations of the Cyber Threat Research Center, researching, documenting and communicating security findings as well as providing expert advisory, consultative and technical services on a broad range of security requests. The Sr. Researcher also documents security assessments to enhance security processes and controls and collaborates with external teams to implement appropriate controls.
Continuous research and learning ensure the application of resiliency to manage emerging threats effectively.
Resources:
Armor. “5 Days to Actions on Objective – Dwell Time as a Critical Security Success Metric.” June 2018, Armor, https://cdn.armor.com/app/uploads/2018/06/2018-Ebook-Dwelltime.pdf. Accessed 8 March 2020.
Art Gallery Ergs Art. souzacardoso_brook_house_1913. Flickr, 22 October 2015, https://www.flickr.com/photos/ergsart/22188215728/in/photostream/. Accessed 06 April 2020.
Canadian Centre for Cyber Security. “Baseline Cyber Security Controls for Small and Medium Organizations V1.2.” 18 February 2020, Canadian Centre for Cyber Security, https://cyber.gc.ca/en/guidance/baseline-cyber-security-controls-small-and-medium-organizations. Accessed 03 March 2020.
Cisco. “Network Security Baseline.” Cisco, https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/Baseline_Security/securebasebook/sec_chap1.htm. Accessed 03 March 2020.
Department of Homeland Security. “Critical Infrastructure Exercises.” CISA, https://www.cisa.gov/critical-infrastructure-exercises. Accessed 15 March 2020.
Girken, E. “Incident Response Steps and Frameworks for SANS and NIST.” 03 January 2020, AT&T Cybersecurity, Security Essentials, https://cybersecurity.att.com/blogs/security-essentials/incident-response-steps-comparison-guide. Accessed 15 March 2020.
Hunt, G. “A Shift from Cybersecurity to Cyber Resilience: 6 Steps.” 05 December 2018, Dark Reading, https://www.darkreading.com/threat-intelligence/a-shift-from-cybersecurity-to-cyber-resilience-6-steps/a/d-id/1333378. Accessed 03 March 2020.
Mandiant. “M-Trends 2018.” 30 September 2017, FireEye, https://www.fireeye.com/content/dam/collateral/en/mtrends-2018.pdf. Accessed 15 March 2020.
Miller, Lawrence, and Torsten George. Zero Trust Privilege For Dummies, Centrify Special Edition. John Wiley & Sons, Inc., 2019.
Nutt, C. “M-Trends 2019: Celebrating 10 Years of Incident Response Reporting.” 04 March 2019, FireEye, Industry Perspectives, https://www.fireeye.com/blog/executive-perspective/2019/03/mtrends-2019-celebrating-ten-years-of-incident-response-reporting.html. Accessed 15 March 2020.
Synder, C. “What Is Dwell Time in Cybersecurity?” 21 May 2019, ExtraHop, https://www.extrahop.com/company/blog/2017/dwell-time-new-security-metric/. Accessed 8 March 2020.
TBConsulting. “What are the Phases of the Data Lifecycle?” 17 January 2019, TBConsulting, https://blog.tbconsulting.com/what-are-the-phases-of-the-data-lifecycle. Accessed 03 April 2020.
Ward, C. “Ransomware still a top cybersecurity threat, warns Verizon 2018 Data Breach Investigations Report.” 10 April 2018, Verizon DBIR 2018, https://www.verizon.com/about/news/ransomware-still-top-cybersecurity-threat-warns-verizon-2018-data-breach-investigations-report. Accessed 15 March 2020.
Watts, S. “What is “Shift Left”? Shift Left Testing Explained.” 31 July 2017, BMC Blogs, https://www.bmc.com/blogs/what-is-shift-left-shift-left-testing-explained/. Accessed 05 March 2020.