I spoke on a Docent Institute webinar last night co-hosted by Iowa Illinois IEEE Section – R4 and IEEE Computer Society (Iowa-Illinois Chapter). The title of the talk is, “Navigating Cybersecurity and Systemic Risk in a Rapidly Advancing Technological Landscape”where I discussed #cybersecurity and #systemic_risk. Thanks to Binto George & Michael Umakor, who were co-hosts. Check out the video! You may find the video and slides here:
[November 18, 2024] Docent Institute hosted the 2024 Chicago Security Speakeasy with 60 guests for drinks and dinner at the oldest private club in Chicago. A wonderful venue for a formal pre-holiday party and charity fundraiser. Thanks to my friends for making it possible, as members of this exclusive club!
I was honored to be invited to give a presentation on November 14th in Rockford, IL for the Rock River Valley Section. The turnout was 30+ members and non-members. Click the image above for the PDF.
Docent Institute is hosting a private CISO Dinner & Charity Fundraiser for Docent Institute for Greater Chicago Area security leaders on November 18th, 2024 at The Casino, near the Hancock Building, from 6-9pm. There will be appetizers, fine dining and open bar with special bourbon tasting from NetThunder. [This event has SOLD OUT]
I think of us in some kind of twilight world as transformative AI looks more likely: things are about to change, and I don’t know if it’s about to get a lot darker or a lot brighter.
Increasingly this makes me wonder how I should be raising my kids differently.Read More
Cybersecurity practitioners, as defenders of information, benefit from the fact that they are, in some ways, one large team, and the sharing of information and best practices as an industry and a community elevates everyone’s ability to protect their data. The passing of experience and expertise among peers is important, but staying ahead of emerging cyber threats requires recruiting and training the next generation.
CornCon “Quad Cities Cybersecurity Conference” is returning in person on September 30 & October 1, 2022. To be held at RiverCenter convention center in downtown Davenport, Iowa, this year’s conference will include a Thursday CISO summit (TBD), two days full of great speakers, tutorials, villages and expo, as well has K12 activities on both Friday and Saturday. More details can be found on the conference website: https://corncon.net. (note that early bird pricing has been extended to July 15th)
Systemic risk is about the risk that exists between the parts of any complex system. This includes third-party vulnerabilities. Being able to understand if any third party introduces critical levels of systemic risk to the entire system through concentration risk is also a critical systemic cyber risk challenge.
Hackers Use Cloudflare Human Check to Hide Microsoft 365 Phishing Pages
The trick is as simple as it is effective. When a victim clicks a link to a malicious site, such as http://securedsnmail.com in this case, they hit a ‘Turnstile’ verification check. This, as we know it, is
Veeam warns of critical flaws exposing backup servers to RCE attacks
Three RCE security flaws patched today (tracked as CVE-2026-21666, CVE-2026-21667, and CVE-2026-21669) allow low-privileged domain users to execute remote code on vulnerable backup servers in low-complexity
Rural hospitals and clinics struggle with a lack of cyber resources - but a five year, $50 billion federal grant program could fill some of the gaps, said Jim Roeder, vice president of IT and HIPAA security officer at Lakewood
Critical Microsoft Excel bug weaponizes Copilot Agent for zero-click information disclosure attack
CVE-2026-26144 is a critical-severity information disclosure vulnerability in Microsoft Excel. This cross-site scripting flaw can be exploited to "cause Copilot Agent mode to
