Small businesses are more than just local establishments—they are the foundation of the U.S. economy and a key pillar of national security.

Recommendations for addressing Data Consolidation societal risks through robust collaboration between the public and private sectors.

Third-party governance practices are evolving in response to the changing cybersecurity landscape, particularly in the context of digital id

Investing in advanced cybersecurity technologies and practices tailored for hybrid work, enterprises can better protect sensitive informati

The move strengthens ICIT leadership as it prepares for its 10th Anniversary and supports a new People-Centric Approach to Critical Infrastructure Security and Resiliency Press Release Nov 29, 2024 – Washington D.C. The Institute for Critical Infrastructure Technology (ICIT), a Washington D.C. based 501(c)3 think tank, is honored to announce the appointment of national security executive Cory Simpson as its new Chief Executive Officer effective immediately. As one of the na

The 2023 National Cybersecurity Strategy and the 2023 National Intelligence Strategy identify the modernization of federal defenses as a...

The United States faces a mounting challenge in safeguarding its cybersecurity in an ever-evolving digital landscape. In this ICIT research paper, our experts address the increasing need for offensive security operations, shedding light on cyber-attack risks and the need for increased support of government intervention. The report explores the delicate balance between protecting democratic values and effectively combatting cyber threats, emphasizing the crucial role of ethica

The security of critical infrastructure is essential to national security. It is essential that there be a core authority that is responsible for its cybersecurity. The Cybersecurity and Infrastructure Security Agency, or CISA, is an entity essential to supporting national security and critical infrastructure security. CISA provides a level of centralization that is crucial to supporting security at the national level, including supporting critical infrastructure. The core mi

The prevalence of open-source software (OSS) promotes the integration of common software features into existing applications. However,...

Cybersecurity legislation is vital to address the growing number of cyberattacks that threaten the economic and national security of the United States. Consequently, 2022 was a significant year for cybersecurity legislation, with six major pieces of legislation signed into law. These laws focused on cyber incidents and ransomware attacks, reporting requirements, assigning cybersecurity responsibilities to CISA, the cybersecurity workforce, and state and local government cyber

ICIT Certified Content: This content has been reviewed by ICIT and deemed valuable content for the community. We encourage you to study it and socialize it with your networks. The whitepaper explores how generating software bills of materials can improve security throughout the software development lifecycle. It was coauthored by Jim Routh, ICIT Fellow, former CISO and CSO at MassMutual, Aetna and CVSHealth, and current cybersecurity advisor and board member. The Apache Log4

ICIT Certified Content: This content has been reviewed by ICIT and deemed valuable content for the community. We encourage you to study it and socialize it with your networks. The essay, authored by Malcolm Harkins, ICIT Fellow and Chief Security and Trust Officer, Epiphany Systems, was initially published in the Spring 2022 Issue of United States Cybersecurity Magazine . In the relentless battle to protect their companies, CISOs must fight on two fronts with two very differ

Securing U.S. critical infrastructures and democratic institutions requires whole-of-government vigilance, dedicated leadership, and strategic innovation. In many ways, cybersecurity is an asymmetric tower-defense war game where a digital fog of war obfuscates numerous adversaries with unpredictable resources and varying tactics. Organizations begin with the certainty that their systems will be targeted and an accounting of the resources at their disposal to attempt to mitiga

At the height of the Cold War, former CIA Chief of Counterintelligence James Jesus Angleton famously borrowed from T.S. Eliot to describe Soviet operations strategy as a "Wilderness of Mirrors" because they were " myriad of stratagems, deceptions, artifices, and all the other devices of disinformation which the Soviet bloc and its coordinated intelligence services use to confuse and split the West … an ever-fluid landscape where fact and illusion merge." This publication aims

America is defined from its “Melting Pot” shared culture forged from diverse backgrounds, ideologies, and people. America's diversity defines its strength and makes it unique in the great-power competition of the global stage. Conflicts in cyberspace and cyber-physical boundaries jeopardize national security and stability and the U.S. is at an asymmetric disadvantage against digital adversaries of all categories of sophistication, from nation-state sponsored advanced persiste

Nation state-sponsored threat actors develop, disseminate, and deploy ransomware in conjunction with lower sophistication threat actors as a means to disrupt critical infrastructures and covertly influence global great power competitions. While the profits from ransomware attacks appeal to lower-tier attackers and draw them into the threat landscape, nation-state APTs instead benefit from the disruption and chaos that results from both targeted and widespread attacks on the c

ICIT Certified Content: This Mazebolt whitepaper contains expert insights about DDoS and its threat landscape, solutions, and mitigation in a digitally transforming world for business enterprise continuity and full DDoS security posture. Our researchers have reviewed its contents and recommend it as a trusted source of education. This whitepaper starts with a close look at the reasons why DDoS is moving up the threat chain and the best ways to protect enterprises from DDoS

CIT Certified Content: The 2021 Devo SOC Performance Report™ shows that security operations centers — and those who work in them — continue to have a number of challenges to overcome. Based on an independent survey of global cybersecurity professionals, our third annual report examines current trends for those who lead and work in SOCs. While there are some indicators of slight improvement, it’s clear that for too many people, working in the SOC remains painful. The 2020 surv

ICIT Certified Content: This Blackberry publication contains expert insights on Security and technology in the mobility and transportation sectors, including an essay from ICIT. Our researchers have reviewed its contents and recommend it as a trusted source of education. For yet another year, OverWatch disrupted a record number of interactive intrusion attempts2 by identifying malicious activity early and stopping adversaries in their tracks. This report shares insights from

In the race to create a Covid-19 vaccine by collaborating across the industry, pharmaceutical companies have exposed more threat surfaces than existed before the pandemic. By combining multiple cybersecurity best practices and strategies, pharmaceutical companies stand a better chance of protecting their valuable IP and vaccines. This publication presents are ten ways the pharmaceutical industry needs to protect the Covid-19 vaccine supply chain. By closing the cybersecurity