Chuck Brooks, profile picture
Uploaded byChuck Brooks
DOC, PDF324 views

Cybersecurity, Emerging Technologies, and Homeland Security - Chuck Brooks

Chuck Brooks is a cybersecurity expert, writer, speaker and thought leader. He has over 200 publications on technology and cybersecurity topics. He has received recognition as the #2 global influencer in cybersecurity and top US social influencer in risk, compliance and RegTech. He currently teaches at Georgetown University and has held positions in the US government including at the Department of Homeland Security. The document provides details on his background, areas of expertise, career highlights and publications.

Embed presentation

Download to read offline
1 / 146
2 / 146
3 / 146
4 / 146
5 / 146
6 / 146
7 / 146
8 / 146
9 / 146
10 / 146
11 / 146
12 / 146
13 / 146
14 / 146
15 / 146
16 / 146
17 / 146
18 / 146
19 / 146
20 / 146
21 / 146
22 / 146
23 / 146
24 / 146
25 / 146
26 / 146
27 / 146
28 / 146
29 / 146
30 / 146
31 / 146
32 / 146
33 / 146
34 / 146
35 / 146
36 / 146
37 / 146
38 / 146
39 / 146
40 / 146
41 / 146
42 / 146
43 / 146
44 / 146
45 / 146
46 / 146
47 / 146
48 / 146
49 / 146
50 / 146
51 / 146
52 / 146
53 / 146
54 / 146
55 / 146
56 / 146
57 / 146
58 / 146
59 / 146
60 / 146
61 / 146
62 / 146
63 / 146
64 / 146
65 / 146
66 / 146
67 / 146
68 / 146
69 / 146
70 / 146
71 / 146
72 / 146
73 / 146
74 / 146
75 / 146
76 / 146
77 / 146
78 / 146
79 / 146
80 / 146
81 / 146
82 / 146
83 / 146
84 / 146
85 / 146
86 / 146
87 / 146
88 / 146
89 / 146
90 / 146
91 / 146
92 / 146
93 / 146
94 / 146
95 / 146
96 / 146
97 / 146
98 / 146
99 / 146
100 / 146
101 / 146
102 / 146
103 / 146
104 / 146
105 / 146
106 / 146
107 / 146
108 / 146
109 / 146
110 / 146
111 / 146
112 / 146
113 / 146
114 / 146
115 / 146
116 / 146
117 / 146
118 / 146
119 / 146
120 / 146
121 / 146
122 / 146
123 / 146
124 / 146
125 / 146
126 / 146
127 / 146
128 / 146
129 / 146
130 / 146
131 / 146
132 / 146
133 / 146
134 / 146
135 / 146
136 / 146
137 / 146
138 / 146
139 / 146
140 / 146
141 / 146
142 / 146
143 / 146
144 / 146
145 / 146
146 / 146
1 Cybersecurity, Emerging Technologies Risk Management, and Homeland Security: Published Writings, Speeches, and Activities by Chuck Brooks Chuck Brooks LinkedIn Profile: https://www.linkedin.com/in/chuckbrooks/ Twitter Profile: @ChuckDBrooks
2 Chuck Brooks is a Technology Evangelist, Cybersecurity Growth Strategist, Brand Ambassador, Influencer, Corporate Executive, Speaker, Writer, Government Relations, Business Development, and Marketing Executive. He is also a Subject Matter Expert, Advisor, and Thought Leader in the areas of: Emerging Technologies, Homeland Security, Risk Management, Internet of Things, Cybersecurity & Homeland Security, Cloud, Smart Cities, Business Process Outsourcing, Design Thinking,
3 Digitization, Digital Media, Artificial Intelligence, Quantum Computing, Big Data, Digital Transformation
4
5 Career Summary Highlights:  Named Top Person To Follow on Tech by LinkedIn  Named “top U.S. 50 social influencers in risk, compliance and RegTech in the United States” by Thomson Reuters  Published over 200 articles on technology and cybersecurity topics (featured FORBES Contributor, Washington Post Cybersecurity Advisory Panelist, and Visiting Editor Homeland Security Today)  Named “#2 Global Influencer in Cybersecurity” by a distinguished panel of 30 judges by IFSEC) and “Top 20 To Follow on Cybersecurity” by author/expert Scott Schober. Named Top Global Thought Leaders to Follow on IoT by Thinkers360. Mentor TechStars Accelerator. Cyber Startup Observatory Hall of Fame. EC-Council Global Advisory Board member for Threat Management. Named by Peerlyst as one of top 52 experts to follow on cbersecurity  Current Adjunct Faculty at Georgetown University in Graduate Applied Intelligence and Cybersecurity Programs and former Adjunct Faculty Johns Hopkins University
6  Received Presidential Appointments for Executive Service by two Presidents of the United States.  Helped "stand up" Office of Legislative Affairs at the US Department of Homeland Security.  Served as first Director of Legislative Affairs at the DHS Science & Technology Directorate  Served as Senior Legislative Staff (foreign affairs, security, tech, business) to Senator Arlen Specter, U.S. Senate  Former Technology Partner Advisor at Bill and Melinda Gates Foundation  5 Time Judge; Government Security News Homeland Security Awards  Named Cybersecurity Marketer of the Year- 2017, 2016  Served in Corporate Executive in Government Relations, Marketing, and Business Development
7
8
9
10 Discovering Applications and Potential ofThe Internet ofThings by Chuck Brooks We have entered a new era of scientific breakthroughs and technological applications that will change life as we know it. Accelerated technological development is transforming our civilization. The pace of innovation is growing so rapidly that it is becoming exponential as each year passes. Futurist Dr. Michio Kaku characterizes this blazing technological shift as moving from the “age of discovery” to the “age of mastery.” This next decade beckons many new technological discoveries and applications. This includes genetic engineering and regeneration of body parts, new cures for diseases, artificialintelligence, augmented reality, nano-technologies, robotics, ultra-high speed trains and self-driving cars, renewable energies, sustainable agriculture, big data, 3-D Printing, digital security, quantum computing, mobility, and paper thin flexible personal computers. If you read the MIT Technology Review on a weekly basis, you will be provide continual insights into the trends of disruptive transformation. It also important to know some key stats and terms … and implications of the Internet of Things (IoT): Some Key IoT; Definitions/Stats:  IoT refers to the general idea of things that are readable, recognizable, locatable, addressable, and/or controllable via the Internet.
11  Physicalobjects communicating with each other.  People, data, things (machine to machine, machine to people) .  According to Gartner there will be nearly 26 billion networked devices on the Internet of Things by 2020.  Cisco estimates that IoT will be valued at $4.6 Trillion for the Public Sector in the next ten years  604 million users of wearable biometrics in 2019 according to Goode Intelligence Aspects ofThe Internet ofThings IoT Key Components of IoT: Big Data (and data mining), Sensors (RFID, chips, transistors, Analytics (predictive). IoT Product and Service Applications: Improving government services. Better efficiencies and performance via BPO. Smart solutions under budget constraints. scalability; BPO can more rapidly adapt and manage customer service for the exponential growth and magnitude of IoT, risk mitigation. Management/integration. Compliance. Data integrity. Consumer facing digital government and responding to public need. IoT Areas of focus: facilities & infrastructure management, industrial applications, energy (smart grid) , medical & healthcare, transportation, building/construction (smart buildings), environment (waste management), water resources, retailand supply chain, communications, and education (learning analytics). IoT Technology Trends: automation, robotics, enabling nanotechnologies, self-assembling materials, artificial intelligence (human/computer interface), 3D Printing Photovoltaics and printed electronics), wearables (flexible electronics) real-time analytics and predictive analytics, super-computing (faster and more connectivity), increased storage and data memory power, wireless networks, secure cloud computing, virtualization. IoT Policy Issues: ethics, interoperability protocols, cybersecurity, privacy/ surveillance, complex autonomous systems, best commercial practices. IoT Benefits: logistics and situational awareness by monitoring data, i.e. traffic jams, parking management, and distributed traffic control. Energy use (utilities). Productivity; manufacturing, logistics, telework. Healthcare; connected devices (wearables) patient monitoring vital body signs with remote monitoring capabilities. Emergency management; i.e. weather incidents, crow control. Security: cameras, sensors, forensics. IoT Areas ofImpact:
12 Health & Medicine  Health- Implantable devices, bionic eyes, DNA nanomedicines  Genomic techniques – gene therapy (Gene therapy to enhance strength, endurance and lifespan Gene therapy to enhance human intelligence)  Remote sensing tech  Medicine for longevity, enhancement  Real-time biomarker tracking and monitoring  Artificially grown organs Human regeneration (regrow lost limbs in months)  Life expectancy doubles  Human cells interfaced with nanotech MNT repair of physical trauma, almost no deaths once injured and then get MNT treatment (EMT or hospital) MNT repair of cellular damage MNT able to replace various organs MNT able to enhance body functions, Cybernetics  Exoskeletons for mobility Transportation:  Sustainability of infrastructure  Converged transportation ecosystems and monitoring  Autonomous and connected cars  Predictive analytics(parking, traffic patterns) Energy:  Solar power  Waste to biofuels  Protecting the Grid  Batteries (long lasting) Law Enforcement and Public Safety:  Surveillance (chemicaland bio sensors, cameras, drones)
13  Forensics  Interoperable communications  Security screening by bio-signature: Every aspect of your physiology can be used as a bio-signature. Measure unique heart/pulse rates, electrocardiogram sensor, blood oximetry, skin temperature Finance:  Mobile payments  Mobile banking  Identity management  Biometric Security: access controlfacialrecognition, voice recognition, iris and retina scanners, fingerprint sensors on tablets and smartphones – pass keys Agriculture:  Aqua farming  Water purification  New food manufacturing and production tech  Food security As tech and connectivity continues to evolve and expand, the many potentials of The Internet of Things will also grow. There is much we will soon discover. This article was written by Chuck Brooks. He is the Principal Market Growth Strategist for General Dynamics Mission Systems for Cybersecurity Systems. He is also Adjunct Faculty in the graduate Applied Intelligence Program and Graduate Cybersecurity Program at Georgetown University.
14
15
16
17
18
19
20 MEDIA:THOUGHT LEADER, INFLUENCER, TECHNOLOGY EVANGELIST: FeaturedWriter/Speaker/Blogger:expertise areas:homelandsecurity, cyber security, defense, CBRNE, AI, science &technology, public/privatepartnerships, IoT, innovation. Publishedin FORBES, HuffingtonPost, InformationWeek, MITSloanBlog, Computerworld, Federal Times, NextGov, Government Security News, Cygnus Security Media, HomelandSecurity Today (Visiting Editor), The Hill, Biometric Update, Bizcatalyst360, ITSecurity Planet, ChristianScienceMonitor SOCIAL MEDIA EXPERTISE: 56,000 plus LinkedInfollowers, 5,000Facebook, 11,000 Twitter followers. Co-leader of twotopHomeland Security Groups onLinkedIn. Run15 other business, techLI groups
21
22
23 Chuck Brooks has been recognized by leading media and security organizations for his insights and contributions in cybersecurity. He was named as the “#2 Global Influencer inCybersecurity”by a distinguishedpanel of 30 judges by IFSEC. A total of 20 cybersecurity global thought leaderswere selectedtobe included in the list. The judging panel includedCISOs from Fortune 50 and topsecurity leaders from organizations andmedia. IFSEC Global, launchedin the UK in 1972, is aworld renownedleading provider of news, features, videos andwhite papers for the security andfire industry. “Influence’ was definedby the award in the following ways:  Someone who has played a key role in driving technological innovation  Someone who has beena driving force inchanging regulation, standards/guidance or best practice  Someone whose insights/opinions are widely respectedandwhich are influential in shaping debate around industry issues  Someone who has beeninstrumental inthe success of the organization or business they leador are employedby  Someone who has helpedto raise the industry’s profileor beenan influential voice in the national media  IFSEC Global influencers 2018:Cybersecurity https://www.ifsecglobal.com/ifsec-global- influencers-2018-cybersecurity/
24  Chuck was alsoselectedby Cyber StartupObservatory as “ Cybersecurity Leader of The Week” The purpose of the Cybersecurity StartupObservatory is tocollaborate tobuildasafer financial industry and to helpsolve important problems leveraging cybersecurity innovation.Youcan visit an interesting #interviewcovering Chuck's thoughts andforward- thinking views on: https://cyberstartupobservatory.com/cyber-startup-observatory-chuck-brooks- cybersecurity-leader-of-the-week/  He was also includedwithsome of the world’s most respectedcybersecurity experts and thought leaders inbest-selling author andinformationsecurity leader Scott Schober’s blog: “20 Cybersecurity ExpertsWorthFollowing.”Please check out articlebelow https://scottschober.com/20-cybersecurity-experts-worth-following/  Chuck alsoreceivedrecent other accoladesfromThe WashingtonPost who named Chuck to be part of “The Network”Cybersecurity 202. “The Network,”is acuratedpanel of high level cyber experts, including topleadersinthe public and private sectors, security researchers, andacademics, who will weighinon topissues of the moment. AndHomeland Security Today named Chuck as a Visiting Editor. He alsoserving as the Executive Editor of a Newsweek MediaGroupVantage publicationexploring the impact of artificial intelligence on cybersecurity
25 https://blogs.thomsonreuters.com/financial-risk/risk-management-and-compliance/meet- the-u-s-top-50-social-influencers-in-risk-compliance-and-regtech/
26
27
28
29 Chuck Brooks BIO Chuck full time role is the Principal Market GrowthStrategistfor General Dynamics Mission Systems for Cybersecurity andEmerging Technologies. LinkedInnamedChuck as one of “The Top 5 TechPeople to Followon LinkedIn”out of their 550 millionmembers. He is alsoan advisor to LinkedInon cybersecurity andemerging technology issues. Inboth2017 and 2016, he was named “Cybersecurity Marketer of the Year by the Cybersecurity Excellence Awards. He is also a Cybersecurity Expert for “The Network”at the WashingtonPost, Visiting Editor at Homeland Security Today, and Contributor toFORBES Chuck’s professional industry affiliations include being the Chairmanof CompTIA’s Newand Emerging Technology Committee, as a member of The AFCEA Cybersecurity Committee, andas member of the Electrical andElectronics EngineersIEEEStandards Association(IEEE-SA) Virtual Reality andAugmentedReality Working Group. Some of Chuck’s other activities includebeing a Subject Matter Expert toThe HomelandDefense andSecurity InformationAnalysis Center (HDIAC), a Department of Defense (DoD) sponsoredorganizationthroughthe Defense Technical InformationCenter (DTIC), as a featuredpresenter at USTRANSCOMoncybersecurity threatsto transportation, as a featuredpresenter tothe FBI andthe National Academy of Sciences onLife Sciences Cybersecurity. He is anAdvisory BoardMember for The Center for Advancing Innovation, and was alsoappointed as a Technology Partner Advisor tothe Bill andMelinda Gates Foundation. He has servedas the lead Judge for the 2014,15,16,and17 Government Security News HomelandSecurity News Awards evaluating topsecurity technologies. In government, Chuck has receivedtwosenior Presidential appointments. Under President George W. BushChuck was appointedtoThe Department of Homeland Security (DHS) as the first
30 Legislative Director of The Science & Technology Directorate at the Department of Homeland Security. He alsowas appointedas Special Assistant tothe Director of Voice of Americaunder President Reagan. He servedas atop Advisor tothe late Senator ArlenSpecter onCapitol Hill covering security andtechnology issuesonCapitol Hill. In local government he also workedas an Auxiliary Police officer for Arlington, Virginia. In industry, Chuck has servedinsenior executive rolesfor Xerox as Vice President &Client Executive for HomelandSecurity, for Rapiscanand Vice President of R & D, for SRA as Vice President of Government Relations, andfor Sutherlandas Vice President of Marketing and Government Relations. He was alsoVice President of Federal R & D for RapiscanSystems. In media, Chuck is the featuredHomelandSecurity contributor for Federal Times, featured cybersecurity contributor for HighPerformance Counsel oncybersecurity, andan advisor and contributor toCognitive World, aleading publicationon artificial intelligence. He has also appearedin Forbes and HuffingtonPost and has publishedmore than 150 articles andblogs on cybersecurity, homelandsecurity andtechnology issues. He has 45,000 followers onLinkedInand runs a dozenLI groups, including the two largest inhomelandsecurity. In academia, Chuck is Adjunct Faculty at GeorgetownUniversity teaching acourse inhomeland security risk management anda course in homeland security technologies. He was an Adjunct Faculty Member at Johns Hopkins University where he taught agraduate course on homeland security for twoyears. He has an MA in International relations fromthe University of Chicago, a BA in Political Science fromDePauwUniversity, andaCertificate inInternational LawfromThe Hague Academy of International Law.
31 Honored to be named as the “#2 Global Influencer in Cybersecurity” by a distinguished panel of 30 judges by IFSEC. A total of 20 cybersecurity global thought leaders were selected to be included in the list. The judging panel included CISOs from Fortune 50 Companies (i.e Microsoft), and top security leaders from organizations and media. IFSEC Global, launched in the UK in 1972, is a world renowned leading provider of news, features, videos and white papers for the security and fire industry. https://www.ifsecglobal.com/ifsec-global-influencers-2018-cybersecurity/
32 Professor Chuck Brooks appointed Faculty by GeorgetownUniversity’s Master in Applied Intelligence Chuck Brooks, MA ’81 was recently appointed to be Adjunct Faculty at Master’s in Applied Intelligence Program at Georgetown University. Georgetown University’s Master of Professional Studies in Applied Intelligence program focuses on three key sectors, namely homeland security, law enforcement, and competitive business intelligence.
33
34
35
36
37
38
39 Visiting Editor Chuck Brooks Chuck Brooks is the Principal Market Grow th Strategist -- Cybersecurity and Emerging Technologies for GeneralDynamics Mission Systems. He is also an Adjunct Professor at Georgetown University in the Graduate Applied Intelligence Program teaching Risk Management. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn” out of their 500 million members.
40
41
42
43 Chuck Brooks on AT&T Panel discussing innovation in cybersecurity at The 2018 Gartner Global Risk Management Summit
44
45 Enjoyed speaking last night at Georgetown University’s “Cyber Week” event sponsored by Cyber Scoop. Innovation & Integration: An Evening with Cybersecurity Experts Hosted by: Maria F. Trujillo, Ph.D., Faculty Director for the Systems Engineering Management and Technology Management master's programs Frederic Lemieux, Ph.D., Faculty Director for the Applied Intelligence and Cybersecurity Risk Management master's programs Speakers: Dmitri Alperovitch, Co-Founder and CTO, CrowdStrike Chuck Brooks, Principal Market Growth Strategist, Cybersecurity and Emerging Technologies, General Dynamics Adam Firestone, Chief Engineering Officer, at Secure Channels, Inc., and Editor In Chief, United States Cybersecurity Magazine Melinda Rogers, Deputy CIO, Department of Justice
46  WASHINGTON POST TAPS CYBERSECURITY EXPERT CHUCK BROOKS FOR 'THE NETWORK:' https://www.depauw.edu/news-media/latest-news/details/33698/  Professor Chuck Brooks appointed by Georgetown University’s Master in Applied Intelligence http://europesecuritynews.com/8186/professor-chuck-brooks- appointed-by-georgetown-universitys-master-in-applied-intelligence/  Chuck Brooks Speaker on TIC Consortium Panel: Emerging Tech for Hybrid Warfare by The Intelligence Community, Inc. https://www.eventbrite.com/e/tic-consortium-panel-emerging-tech- for-hybrid-warfare-tickets-44375006840#
47
48
49
50 It was an honor co-presentingwith John Perren former Assistant Director of the Weapons of Mass Destruction Directorate of the FBI, and LTC Scott Appelgate, StrategicPlanner, J5, Cyber Policy Division at US Joint Chiefs Of Staff and Dr. Frederic Lemieux Professor and Program Director, at the National SecurityThreat Convergence: Violent Extremism and Cybersecurity event at George Washington University
51 Article Published by LinkedIn Featuring Chuck Brooks: 5 Tech Voices You Should Be Following on LinkedIn by Meghan Brockmeyer https://business.linkedin.com/marketing-solutions/blog/marketing-for-tech-companies/2016/5-tech-voices-you-should-be-following- on-linkedin
52 When you’re looking for inspiring and informative professional perspective online, where do you go? Are there experts that keep meaningful tabs on your industry? Or executives whose insights you turn to for fresh insights and new ideas? If so, you already recognize the huge opportunity to engage with, and learn from peers online. Chuck Brooks – Security Voice and “Government Relations and Marketing Executive, Thought Leader” Chuck’s varied security experience is evident in what he publishes. From aviation to public sector, government to science, his posts take on the multifaceted aspects of cyber security as it relates to industries/verticals, homeland issues and next-gen technology. Since he’s keen on variety, with formats ranging from expert Q&As to content roundups, to non-tech posts associated with topics/verticals he’s covered, his perspective truly stands out. Tech marketer takeaways: Chuck focuses core content on security, but isn’t afraid to include content tangentially related to core subject matter (e.g. a post focused on mastering the art of influence in Washington, D.C.) which incorporates fresh/unexpected content to help keep readers interested and foster conversation.
53 Chuck Brooks Speaking at the Duty of Care Conference and at Cyber Aviation event in Washington, DC, MEDIA Activities:  Publications/Writings/Interviews: Published in Huffington Post, Forbes, LinkedIn Marketing (Featured SMEon Cybersecurity and Emerging Tech) GovernmentSecurity News (featured contributor), The Hill (featured contributor), FederalTimes (Featured Contributor on homeland security issues), Christian Science Monitor (Member of PasscodeInfluencers Panel), TheHill, GovernmentExecutive, MITSloan Blog, Homeland Security Today, Cygnus Media, BizCatalyst360 (Featured
54 Contributor), NextGov, Alien Vault (Featured Contributor), GovernmentTechnology, GovExec, High PerformanceCounsel(Featured Contributor), Brink Risk Management (Featured Contributor), ITSP Magazine(Featured Contributor), Security Information Watch, Advisor and Contributor to Cognitive World.
55 Chuck Brooks as Featured Speaker (partial list of events):  Dallas 2018 AT&T Business Conference (artificial intelligence and cybersecurity)  General Dynamics Mission Systems Small Business Conference -keynote speaker  2018 Electronics Components Industry Association Conference (IoT)  DC Cybersecurity Summit 2018 (ransomware)  2017 Privacy and Security Summit (incident response)  2018n Carvercon Critical Infrastructure Convention (vulnerability asssessments)  National Academy of Sciences/FBI Biosecurity Meeting 2016  2017 IBM Event on Robotic Process Automation  USTRANSCOM Cybersecurity Roundtable 2017  The Information Systems Security Association (ISSA) 2017 Mid Atlantic Conference  British Embassy 2017 and 2018 (cybersecurity)  ACT-IAC Event on Social Media Branding 2017  Duty of Care Conference 2017  10th Annual Homeland Security Conference (Counter-terrorism magazine)  George Washington University Cybersecurity event  Institute of Management Consultants Conference 2016  Critical Security Controls Editorial Panel, Council on Cybersecurity  DC Cybersecurity Summit (Securing The IoT) 2016, 2017
56  CRM Summit (The Internet of Things, Cyber-Security, and Government Readiness) 2016  The Astana Economic Forum and Global Risk Expo in Astana, Kazakhstan.  National Cybersecurity Institute  University of Chicago webcast on Emerging Technologies  Webcast Host on Mobile Identity Management  Global Cyber Threat Summit  Cybersecurity Summit 2016, 2017  Kaspersky Cyber Security Conference 2015  IDGA Homeland Security Week conference  Homeland Security Professionals Conference 2015  Secure Cities Conference 2014  CyberMaryland conference 2014/15,17  National Press Club, Global Business News events 2014/15,16  Featured Panelist on Cybersecurity, Open Innovations Forum (MIT Technology Review co-sponsor)  Guest seminar lecturer on lobbying and interest groups in the national security policy process at the National War College of the National Defense University  Regional Representative 2011, Davos Second World Economic Forum “Communication on Top”
57
58 Thx @ChuckDBrooks for sharing your perspective that RPA= innovation at our @IBM facilitated #digitalexchange on #roboticprocessautomation.
59 ProfessionalActivities: Chuck serves as Chairman of CompTIA’s New and Emerging Technology Committee, and serves on Boards to severalprominent public and private companies and organizations. Heis Advisory Board Member to The Center for Advancing Innovation Inc., a subjectMatter Expert to The Homeland Defenseand Security Information Analysis Center (HDIAC), a Departmentof Defense(DoD) sponsored organization through theDefense Technical Information Center (DTIC), and Member, Electrical and Electronics Engineers IEEEStandards Association (IEEE-SA) VirtualReality and Augmented Reality Working Group He is a former Technology Partnership Advisor tothe Bill and MelindaGates Foundation. Chuck has served in government at the Department of Homeland Security at the Science &Technology Directorate, atVoice of America(VOA), and also for 7 years on Capitol Hill as a Senior Advisor to Senator ArlenSpecter on technology and security issues. Heis also former Adjunct Faculty at Johns Hopkins University, and received his MA in InternationalRelations fromthe University of Chicago, B.A, in Political Science from DePauw University, and a Certificate in InternationalLaw from The Hague Academy of International Law, Netherlands.
60
61
62 Cyber Startup Observatory – Chuck Brooks, Cybersecurity Leader of the Week Chuck Brooks is the Principal Market GrowthStrategist –Cybersecurity and Emerging Technologies for General Dynamics Mission Systems. Chuck is also an Adjunct Faculty member at Georgetown University in their Applied Intelligence Program. LinkedIn named Chuck as “a Top Tech Person To Follow” and he has been widely published on cybersecurity and emerging technology topics in FORBES, Huffington Post, InformationWeek, MIT Sloan Blog, Computerworld, Federal Times, Homeland Security Today (Visiting Editor), and many other publications. Chuck helped “stand up”
63 Office of Legislative Affairs at the US Department of Homeland Security and served as first Director of Legislative Affairs at the DHS Science & Technology Directorate. He has an MA in International Relations from the University of Chicago and a BA in Political Science form DePauw University. Are There Any Common Traits To What Makes a Successful Security Program? For example, incorporating the Three Pronged Approach of People, Processes and Technology? A security strategy to meet these growing cyber-threat challenges needs to be both comprehensive and adaptive. It involves people, processes, and technologies. Defined by the most basic elements in informed risk management, cybersecurity is composed of:  Layered vigilance (intelligence, surveillance);  Readiness (operational capabilities, visual command center, interdiction technologies);  Resilience (coordinated response, mitigation and recovery). The specifics of a security approach may vary according to circumstances, but the mesh that connects the elements is situational awareness combined with systematic abilities for critical communications in cases of emergency. These guidelines are represented in The U.S. government’s
64 National Institute of Standards and Technology (NIST) mantra for industry: “Identify, Protect, Detect, Respond, Recover”.
65 Specifically, there are a variety of steps involving people, processes, and technologies that can make a security programsuccessful. Recently, a not-for-profitorganization the# CyberAvengers (of which I am a member along with cyber experts Paul Ferrillo, Kenneth Holley, George Platsis, Shawn Tuma, George Thomas, and Christophe Veltsos) published a basic cyber-hygiene formula that provides a good nine point checklist for cyber protection that any company can follow: 1) Update and patch your networks, operating system and devices promptly. “Critical” is “critical” for a reason. Do it within 72 hours of release. 2) Train your employees on how to detect spear and whale-phishing attempts and what best social media practices are. Quarterly training can reduce the risk by up to 90 percent in most cases. 3) Use multifactor authentication. We have effectively reached the age of password uselessness due to our poor habits. Passwords slow down bad guys who do not know what they are doing. Biometric solutions are great, but proceed with caution if you go this route because you now have data management and privacy concerns that must be addressed. 4) Back up regularly (daily if feasible). Where possible, use the “1, 2, 3” backup rule: 1. a segmented backup on-site; 2. one off-site; and 3. one in the cloud. No need to pay the ransom if you have a clean backup ready to be uploaded to your system.
66 5) Be cautious with older systems. Yes, older systems can be repaired. However, theupfront capital cost is not always affordable. The critical issuebecomes support(patches) for these systemstops. If these systems are past their “patch life” they become tempting targets for hackers. 6) Follow-on to the last point, sometimes the best answer is the cloud. Cloud service providers have state of the art hardware and software and cloud migrations have become easier, especially over the last two years. The cloud is not a savior—it comes with other issues, such as needing to learn what your obligations and responsibilities are, ensuring you have robust agreements with your vendors, and knowing what third-party sources will have access to your information. 7) Know how your intrusion detection and prevention systemworks. Isit signature-based? Perhaps it is behavioral-based? Maybe it is both? New cyber threats require new tools. This is where machine learning, cognitive computing, AI, automation, and orchestration all come into play (but only when done in tandem with all other techniques discussed here). Internet data traffic has reached the stage where humans aren’t able to do this on their own. 8) Consider a Managed Service Provider (MSP) or a Managed Security Service Provider (MSSP). Cybersecurity is not everybody’s strength, but one ransomware attack could be crushing. There are options out there to help you. Sure, it costs money, but you are buying peace of mind. Do your homework and find the right solution for you. 9) Do you drive your car without insurance? Cyber insurance is not mandatory yet, but it may be in the future. Chances are if you are doing a lot of what is suggested here, premium payments will be at the lower end.
67 A successful cybersecurity will also require integration of emerging technologies for identity management, authentication, horizon monitoring, malware mitigation, resilience, and forensics. Automation and artificial intelligence are already impacting the capabilities in those areas. Cybersecurity capabilities in information sharing, hardware, software, encryption, analytics, training and protocols, must keep pace to protect and preempt the increasingly sophisticated threats in both the public and private sectors. What Advice Do You Have For Security Leaders? My Advice to security leaders is that cybersecurity is a team sport and everyone needs to be involved. It starts with basic cyber-hygiene and defining the threats for employees. It needs to be systematic and repeatedly offered with reminders and encouragement. This communication process suggestion applies to all industries, especially the financial industry that is being constantly targeted by hackers. Because of the fact that employees are continually facing a growing amount of sophisticated phishing, ransomware, and DDoS attacks, security leaders must serve as the outer perimeter to monitor and prevent attacks in addition to the cyber-hygiene role.
68 Assessing vulnerabilities in data protection for any industry requires a working operational cybersecurity framework. For example, my basic list would include:  Are the latest security patches applied on the operating systems and software?  Have the servers been monitored and checked and confirmed to be free of malware?  Do the firm’s firewalls block everything not specifically necessary for business?  Is anti-virus software loaded and active on all systems?  Is all sensitive data identified, encrypted and stored securely?  Is a Virtual Private Network (VPN) used for general browsing on employee laptops and smartphones?  Are servers and sensitive computer data kept in secure locked areas?  Are WiFi access-points configured securely?  Are employees required to learn and adhere to cyber-hygiene policies to prevent social engineering and phishing attacks?  Is there a clearly written and enforced cyber security framework in place?  Is there and incident response plan in place?
69 Of course that list can be expanded and customized. But having a strategic plan in place to deter, protect, mitigate against cyber-threats is the best advice I can offer to other security professionals. And that plan should also include incident response and communications protocols if a breach occurs. What are the biggest Challenges We Face in the Year ahead? 2017 was the worst year on record for breaches. In 2017, globally there were a total of 5,207 breaches and 7.89 billion information records compromised. Unfortunately, 2018 is following the same trends. The challenges have not diminished. We live in world of algorithms; 1’s and 0’s. Our digital world is ripe for access and compromise by those who want do harm from just a laptop and server. A myriad of recent breaches have
70 demonstrated that as consumers we are becoming more and more dependent upon digital commerce. Our banking accounts, credit cards, and financial daily activities are interconnected. We are all increasingly vulnerable from hackers, phishers, and malware proliferating across all commercial verticals. Ransomware has become an serious threat and challenge. In 2017, the use of ransomware has become a preferred method of cyber-attack choice by hackers. This is because many networks (especially hospitals, utilities, universities, and small businesses) arecomprised of different systems, devices and often lack required patching and updating necessary to thwart attacks. The recent Wannacry, and Petya attacks were certainly wake up calls to the disruptive implications of ransomware. We can expect to see more such attacks because of the ease of infection and because the vulnerabilities to networks still remain. Also, the availability for hackers to be paid via cryptocurrencies makes ransomware more criminally viable Ransomware is not a new threat, it has been around for at least 15 years, but it has become a trending one. Experts estimate that there are now 124 separate families of ransomware and hackers have become very adept at hiding malicious code. Success for hackers does not always depend on using the newest and most sophisticated malware. It is relatively easy for a hacker to do. In most cases, they rely on the most opportune target of vulnerability, especially with the ease of online attacks.
71 Perhaps even more ominous are the Distributed Denial of Service attacks (DDoS). Tech Target provides a succinct definition of A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource. The flood of incoming messages, connection requests or malformed packets to the target system forces it to slow down or even crash and shut down, thereby denying service to legitimate users or systems. The connectivity of the Internetof Things (IoT) and its billions of connected devices is conducive for DDoS activities. A Gartner report predicts more than 20 billion connected things to the internet by 2020 that can be hacked or compromised. Clearly, it is almost an insurmountable task to monitor and protect IoT. In 2016 a DDoS attacks were launched against a Domain Name System (DNS) called Dyn. The attack directed a variety of IoT connected devices to overload and take out internet platforms and services. It is an increasingly difficult challenge to keep up with the increasing sophistication of the socially engineered threats and threat actors. McKinsey & Company and the World Economic Forum published a joint paper a couple of years back projecting that ineffective cybersecurity will result in a cost to the global economy of three trillion dollars by 2020. That estimate may be even greater now that IoT has expanded so rapidly along with the attack surfaces constituted by so many billions of connected devices to the internet. Consider the dire and eye opening facts: Hackers attack every 39 seconds and around one billion accounts and records were compromised worldwide last year. There are estimates that global
72 Cybercrime damage costs will reach $6 trillion annually by 2021. Cybercrime is growing exponentially and so are the risks. What Are Key Strategies Toward Addressing The Insider Threat? The Cyber Insider Threat is one of the most difficult challenges for companies, organizations, and countries. It is often difficult to discover, defend and remediate because such threats can involve a combination human behavioral elements and hardware and software technologies. Many of the threat actors are tech-savvy and are becoming increasingly sophisticated in their methods of infiltration. For Chief Information Security Officers (CISO), defending against insider threats is one of their biggest challenges. In fact, according to a SANS 2015 Survey on Insider Threats, 74% of CISOs
73 expressed concern about employees stealing sensitive company information. The 2016 Cyber Security Intelligence Index, IBMfound that 60% of all cyber- attacks were carried out by insiders. A Verizon 2016 DBIR Report disclosed that that 77 percent of internal breaches were deemed to be by employees, 11 percent by external actors only, 3 percent were from partners and 8 percent involved some kind of internal-external collusion which makes them hard to categorize. And according to Accenture HfS Research 69% of enterprise security executives reported experiencing an attempted theft or corruption of data by insiders during the last 12 months. Negligent behavior is often the result of lack of security awareness due to poor security protocols and updates of patches, and especially compliance, and training, but anyone can be a victim of a spoof or phishing attack. Accidental insider threats can result from a multitude of causes including inadvertent disclosure of sensitive information, lost records, or a portable memory device. Also, employees who bring their own devices (BYOD) to work increase the risk of accidental cross pollination to company networks of malware and viruses from their smartphones. Insider threats can impact a company’s operationalcapabilities, cause significantfinancial damages, and harm a reputation. While there are no complete total solutions to eliminating vulnerabilities from insider threats, Risk management is a prudent mechanism to reduce the likelihood of breaches. Risk management should determine how authorized access is maintained and monitored. Comprehensive risk management should include cyber-hygiene best practices; education/training, use policies and permissions, configuring network access, devicemanagement, application controls, and regular network audits. Also, encryption tools, new network mapping, automated rapid
74 detection technologies and behavioral analytic software tools have also been developed that help mitigate the insider threat landscape of morphing digital and physical threats. How Can CISOs, CIOS and the C-Suite Work Together? A key for cybersecurity is creating a collaborative landscape for all parties involved in combating threats and responding to incidents. That includes CISOs, CIOS and the C-Suite. Often CISOs and CIOs do not speak the same language and the focus of their serious IT concerns often differs. This can be ameliorated by establishing a shared framework between the C-Suite and the IT professionals of operations that includes means for communication and most importantly, a shared strategy. Collaboration is king.
75 A strategy plan should evolve from that framework should directly name the decision-makers and spell out responsibilities. A primary goal is for the CTO and CIO and SMEs to educate the Board and present the values and potential costs of such IT operational components so they develop a deeper understanding and align all business elements, including marketing and sales, with cybersecurity. It is best if the plan is calibrated by outside SMEs, the CTO, and CIO for specific Cybersecurity requirements. Developing an understanding and creating an effective cybersecurity operational strategy really depends on a Ying/Yang formula; you need the technical people who understand the street view challenges of industry from an engineering perspective and you need the executives who run P & L to facilitate the operations and go to market efforts, to sign off on a clearly defined plan. The themes of the framework should include protecting data, corporate IP, and establishing governance. A successful collaborative strategy requires stepping up assessing situational awareness, information sharing, and especially resilience. In C-Suite terms, what is the price tag for staying in business. In IT terms this may include operational components of encryption, biometrics, smarter analytics, and automated network security, informed risk management software, cyber certifications and training, network monitoring, and incorporating NextGen layered hardware/software technologies for the enterprise network, payload, and endpoint security. Also, access and identity management of connected devices need to be strengthened and enforced through new protocols and processes.
76 Also, it is imperative that any strategy and plan include working mechanisms for operational incident response, gap analysis, resilience, and audits. Cybersecurity is integral to brand reputation and no matter what, breaches will happen and how quickly and effectively a company responds will be a consequence to the bottom line to shareholders. How has Industry Cooperation Made an Impact on Cybersecurity ? There are three key areas in industry partnering has reaped innovation and cybersecurity benefits: 1) open collaboration and information sharing of threats; 2) best practices/lessons learned (gap analysis); 3) accessing research development (“R & D”) and innovation. Industry has focused on those three areas to identify products and product paths, evaluate technology gaps, and help design scalable architectures that will lead to more efficiencies and positive changes. The financial industry has been at the forefront of strengthening industry cooperation through open collaboration, best practices, and shared research and development. As a result, he industry has accelerated innovation and helped meet the challenges we all face as citizen/consumers in this evolving technological era.
77 In macro terms, open collaboration and information-sharing among industry stakeholders has simplified operations and help reduce duplicative IT portfolios, administrative complexity, and technological redundancy. A continued industry partnership involving information-sharing and risk-sharing will exponentially benefit innovation in many key areas including homeland/national security, health and human services, energy, public safety and transportation. Such information sharing will become even more of an imperative as connectivity in industry grows with the emergence of the Internet of Things. The growing complexity and magnitude of cyber-threats has created an unprecedented level of transparent collaboration between private stakeholders. Cooperation in Innovation also has enabled the application of expertise and planning to maximize and leverage capabilities to build faster, smarter, and better outcomes. And that cooperative trend needs to continued and be expanded.
78 In the future, industry and public/private sector cooperation should follow an impact framework that incorporates emerging technology areas, organization & policy priorities, and cybersecurity trends: Emerging Technology Areas:  Internetof Things (society on new verge of exponential interconnectivity  Wearables  Robotics  Artificial intelligence and Machine Learning  SmartCities  Connected transportation  Virtual and Augmented Reality  Drones  Super Computing  QuantumComputing and Encryption  Big Data Organization & Policy Priorities:  Protecting critical infrastructure through technologies and Public/Private cooperation  Better identity management via encryption and biometrics  Automated network-security correcting systems (self-encrypting drives)  Technologies for “real time” horizon scanning and monitoring of networks
79  Diagnostics and forensics (network traffic analysis, payload analysis, and endpoint behavior analysis)  Advanced defense for framework layers (network, payload, endpoint, firewalls, and anti- virus)  Mobility and BYOD security  Predictive and Forensic Analytics  Interoperability Cybersecurity Trends:  Informed risk management to mitigate cybersecurity threats  Emergence of formalized Public/Private sector cybersecurity partnerships  More information and threat sharing and collaboration between the public and private sectors  Shared R & D cybersecurity spending  Increased spending for cloud security computing  Consolidation and protection of on premise data centers from cyber threats  Expansion of hiring and training of cybersecurity workforce  Tech foraging It is a special honor for me to be selected as the Cybersecurity Leader of the week. Cybersecurity is a critical path to mitigate the growing global threat of cyber-attacks that has targeted the financial services community. To stay safer, I requires strategic collaboration and open dialogue. I hope that sharing
80 insights for this interview has helped serve in those areas. I want to convey my personal thanks and appreciation to Cyber Start Up Observatory for allowing me to provide my inputs to this important forum and for choosing me for the award. Chuck Brooks Short Bio Chuck Brooks is the Principal Market Growth Strategist — Cybersecurity and Emerging Technologies for General Dynamics Mission Systems. Chuck is also an Adjunct Faculty member at Georgetown University in their Applied Intelligence Program. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn” out of their 550 million members. He has published more than 150 articles and blogs on cybersecurity and technology issues. In both 2017 and 2016, he was named “Cybersecurity Marketer of the Year by the Cybersecurity Excellence Awards. Chuck’s professional industry affiliations include being the Chairman of CompTIA’s New and Emerging Technology Committee, as a member of The AFCEA Cybersecurity Committee, and as a Technology Partner Advisor to The Bill and Melinda Gates Foundation. In government, Chuck has served at The Department of Homeland Security (DHS) as the first Legislative Director of The Science & Technology Directorate at the Department of Homeland Security. He served as a top Advisor to the late Senator Arlen Specter on Capitol Hill covering security and technology issues on Capitol Hill. In academia, he was an Adjunct Faculty Member at Johns Hopkins University where he taught a graduate course on homeland security for two years. He has an MA in International relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague
81
82
83 Chuck Brooks articles on FORBES: https://www.forbes.com/sites/cognitiveworld/people/chuckbrooks/#58455e ed6a44
84 More Published Writings by Chuck Brooks (Partial List):  CHUCK BROOKS, FEATURED HPC CONTRIBUTOR – ADVISER TO LINKEDIN AS CYBERSECURITY AND EMERGING TECHNOLOGY SUBJECT MATTER EXPERT https://highperformancecounsel.com/chuck-brooks- featured-hpc-contributor-adviser-linkedin-cybersecurity-emerging-technology-subject-matter-expert/  Why LinkedIn is an Indispensable Medium for SecurityProfessionals | by Chuck Brooks LinkedInMarketing Blog (post has received more than a million views!) https://business.linkedin.com/marketing- solutions/blog/marketing-for-tech-companies/2017/why-linkedin-is-an-indispensable-medium-for- security-professiona  Chuck Brooks on FORBES: https://www.forbes.com/sites/cognitiveworld/people/chuckbrooks/#324692f16a44  Four Emerging Technology Areas That Will Help Define Our WorldIn 2019 https://www.forbes.com/sites/cognitiveworld/2018/12/24/four-emerging-technology-areas-that-will-help- define-our-world-in-2019/#67777af58ddd
85  The New Techno-Fusion: The Merging Of Technologies Impacting OurFuture https://www.forbes.com/sites/cognitiveworld/2019/02/26/the-new-techno-fusion-the-merging-of- technologies-impacting-our-future/#30f9310e1f3e  A Scoville Heat Scale For Measuring Cybersecurity https://www.forbes.com/sites/cognitiveworld/2018/09/05/a-scoville-heat-scale-for-measuring- cybersecurity/#e7a78c133275  Catalyzing Innovation via Centers, Labs, and Foundries https://www.forbes.com/sites/cognitiveworld/2018/07/11/catalyzing-innovation-via-centers-labs-and- foundries/  Cybersecurity, Is there Light at the End of The Tunnel in 2018? https://www.alienvault.com/blogs/security-essentials/cybersecurity-is-there-light-at-the-end-of-the- tunnel-in-2018  Employing A Risk Management Framework To The Internet of Things http://reader.mediawiremobile.com/OnTheFrontlines/issues/203075/viewer?page=17  Protecting Energy CriticalInfrastructure a Key Challenge for DHS https://www.hstoday.us/subject-matter- areas/infrastructure-security/protecting-energy-critical-infrastructure-a-key-challenge-for-dhs/  PERSPECTIVE: Leadership Role Suits DHS in Cybersecurity Evolutionby Chuck Brooks https://www.hstoday.us/federal-pages/dhs/perspective-leadership-role-suits-dhs-in-cybersecurity- evolution/
86  CYBERSECURITY ACTION LIST FOR LAW FIRMS https://highperformancecounsel.com/a-cybersecurity- action-list-for-law-firms/  DHS S&T Showcases Innovation and Partnerships at RSA 18 Cybersecurity Conference https://www.hstoday.us/federal-pages/dhs/dhs-st/dhs-st-showcases-innovation-and-public- private-partnerships-at-rsa-18-cybersecurity-conference/  The 4th Industrial Revolution May Change the Way We Are Connected to Ourselves http://cognitiveworld.com/article/4th-industrial-revolution-may-change-way-we-are-connected-ourselves  Emerging Technologies and the Cyber Threat Landscape https://www.alienvault.com/blogs/security- essentials/emerging-technologies-and-the-cyber-threat-landscape  7 Emerging Tech Trends For 2018 https://www.alienvault.com/blogs/security-essentials/emerging- technologies-and-the-cyber-threat-landscape  Artificial Intelligence And Machine Learning Hot Topics At RSA 2018 https://www.itspmagazine.com/itsp- chronicles/artificial-intelligence-and-machine-learning-hot-topics-at-rsa-2018  Trends In Emerging Cognitive Technologies and Predictive Analytics http://cognitiveworld.com/article/trends-emerging-cognitive-technologies-and-predictive- analytics  Needed: New Ideas to Help Enable The Federal Cybersecurity Workforce https://recruitingcybersecurity.com/federal-cybersecurity-workforce/
87  Congress prioritizes cyber issues for homeland security funding in 2018[Commentary] https://www.linkedin.com/pulse/thought-leadership-links-chuck-brooks-published-writings-chuck- brooks/  Interview with Chuck Brooks https://scienceofcybersecurity.com/chuck-brooks/  Hurricane Harvey: Special thanks totheprofessionals, volunteers helpingothers http://www.federaltimes.com/management/leadership/2017/08/29/hurricane-harvey-special-thanks-to-the- professionals-volunteers-helping-others-commentary/  Expert Chuck Brooks Offers A Cybersecurity “Cheat Sheet” For The C- Suite https://highperformancecounsel.com/expert-chuck-brooks-offers-cybersecurity-cheat-sheet-c- suite/  Rising Tides And Higher Stakes. Cybersecurity Thought-Leader ChuckBrooks In Interview https://highperformancecounsel.com/new-cybersecurity-stakes-interview-cybersecurity-thought-leader- chuck-brooks/  Emerging Technologies For The Public Sector by ChuckBrooks in Cognitive World http://cognitiveworld.com/article/emerging-technologies-public-sector  Chuck Brooks Federal News Radio Interview: New administrationlooks to DC for cyber innovation https://federalnewsradio.com/whats-working-washington/2017/05/new-administration-looks-to-dc-for- cyber-innovation/  Identity Theft, The Not So Hidden Scourge by Chuck Brooks https://www.alienvault.com/blogs/security- essentials/identity-theft-the-not-so-hidden- scourge?bwf_dp=t&bwf_entry_id=5382&bwf_token_id=17267&bwf_token=QXuSRLGATE0mnNfPwfSTORz j9  Co-Author of The #CyberAvengers Playbook; The Non-Technical, No Nonsense Guide For Directors, Officers, and General Counsels https://www2.fireeye.com/OFFER-WP-Legal-Playbook.html
88  Blockchain for Government: A Cheat Sheet: http://www.nextgov.com/technology-news/tech- insider/2017/07/blockchain-government-cheat-sheet/139274/?oref=ng-HPriver  Rising Tides And Higher Stakes. Cybersecurity Thought-Leader ChuckBrooks In Interview https://highperformancecounsel.com/new-cybersecurity-stakes-interview-cybersecurity-thought-leader- chuck-brooks/  A Quick Summary of Recent Cybersecurity Trends & Developments by Chuck Brooks https://highperformancecounsel.com/quick-summary-recent-cybersecurity-trends-developments- businesses-law-firms-know/  Defining and Addressing the Growing Cyber Insider Threat https://www.alienvault.com/blogs/security- essentials/defining-and-addressing-the-growing-cyber-insider-threat  EXPERT BROOKS ON #CYBERSECURITY: IS WANNACRY RANSOMWARE JUST THE WARM-UP ACT? https://highperformancecounsel.com/expert-brooks-cybersecurity-wannacry-ransomware-just- warm-act/  Time to streamline Congressional oversight of DHS [Commentary] http://www.federaltimes.com/articles/time-to-streamline-congressional-oversight-of-dhs-commentary  5 emerging tech key to transportation security [Commentary] http://www.federaltimes.com/articles/5- emerging-tech-key-to-transportation-security-commentary  THE GAMIFICATION TREND IN #CYBERSECURITY – EXPERT CHUCK BROOKS TALKS THROUGH THIS EMERGING SOLUTION FOR CLIENTS HTTPS://HIGHPERFORMANCECOUNSEL.COM/GAMIFICATION- TREND-CYBERSECURITY-EXPERT-CHUCK-BROOKS-TALKS-EMERGING-SOLUTION-CLIENTS/  Chuck Brooks Federal News Radio Interview: New administration looks to DC for cyber innovation https://federalnewsradio.com/whats-working-washington/2017/05/new-administration- looks-to-dc-for-cyber-innovation/  Automation technologies and the changing cybersecurity ecosystem http://gsnmagazine.com/node/48279?c=cyber_security
89  Chuck Brooks, The Tech Voice You Should be following: University of Chicago Webinar (YouTube with slide deck presentation) https://www.youtube.com/watch?v=3wk2uMXzS60&feature=youtu.be  WannaCry ransomware worm attacks the world (Interview Comments by Chuck Brooks http://www.securityinfowatch.com/article/12334948/wannacry-ransomware-worm-attacks-the-world  CYBERSECURITY EXPERT & HPC CONTRIBUTOR CHUCK BROOKS ON MEETING GROWING SECURITY CHALLENGES https://highperformancecounsel.com/cybersecurity-expert-hpc-contributor-chuck-brooks- meeting-growing-security-challenges/  The Cusp of Technological Transformation http://cognitiveworld.com/article/cusp-technological- transformation-0  Technologies And Companies In The Cybersecurity Battleground https://www.bizcatalyst360.com/technologies-and-companies-in-the-cybersecurity-battleground/  NCF-DC05 New Leadership At DHS Goes Public On Cyber – DC Update with ChuckBrooks http://www.logiccentralonline.com/new-cyber-frontier/ncf-dc05/  Writestream Radio welcomes Cybersecurity Expert Chuck Brooks http://www.blogtalkradio.com/writestream/2017/08/30/the-writestream-welcomes-cybersecurity- expert-chuck-brooks#.WaasLo3XMLA.facebook  CYBERSECURITY EXPERT & HPC CONTRIBUTOR CHUCK BROOKS ON MEETING GROWING SECURITY CHALLENGES https://highperformancecounsel.com/cybersecurity-expert-hpc-contributor-chuck-brooks- meeting-growing-security-challenges/  Chuck Brooks explains the difference between ICS and IT security http://iiot- world.com/cybersecurity/chuck-brooks-explains-the-difference-between-ics-and-it-security/  RANSOMWARE IS SPREADING LIKE WORMS:ARE YOU READY? http://www.nextgov.com/technology- news/tech-insider/2017/05/ransomware-spreading-worms-are-you-ready/137896/?oref=ng-channelriver  Homeland Security wins in Trump budget, especially in cybersecurity [Commentary] http://fifthdomain.com/2017/03/17/homeland-security-wins-in-trump-budget-especially- in-cybersecurity-commentary/
90  The cybersecurity priority for DHS in 2017 http://www.federaltimes.com/articles/the-cybersecurity- priority-for-dhs-in-2017  Congress had an office that gave expert tech analysis; let's bring it back http://thehill.com/blogs/pundits- blog/technology/306426-congress-had-an-office-that-gave-expert-tech-analysis-lets  Recent Attacks Demonstrate The Urgent Need For C-Suite Cybersecurity Expertise https://www.alienvault.com/blogs/security-essentials/recent-attacks-demonstrate-the-urgent- need-for-c-suite-cybersecurty-expertise  Meeting Security Challenges Through Vigilance, Readiness and Resilience http://www.brinknews.com/?p=5052?utm_source=BRINK+Subscribers&utm_campaign=b94043 847f-BRINK_Daily_Insights_28_02_17&utm_medium=email&utm_term=0_c3639d7c98-b94043847f- 110145109  The Priority of the Government/Industry Cybersecurity Partnership https://www.alienvault.com/blogs/security-essentials/the-priority-of-the-government- industry-cybersecurity-partnership  Will Vulnerable U.S. Electric Grid Get a New Protection Mandate? http://www.brinknews.com/will- vulnerable-u-s-electric-grid-get-a-new-protection-mandate/  Emerging focus on cyber threats to energy infrastructure http://www.federaltimes.com/articles/emerging-focus-on-cyber-threats-to-energy- infrastructure  Congress had an office that gave expert tech analysis; let's bring it back http://thehill.com/blogs/pundits- blog/technology/306426-congress-had-an-office-that-gave-expert-tech-analysis-lets  Creating A Secure Smart City http://www.qognify.com/blog/creating-secure-smart-city/  Safeguarding Patients and Data In The Evolving Healthcare Cybersecurity Landscape https://www.alienvault.com/blogs/security-essentials/safeguarding-patients-and-data-in-the- evolving-healthcare-cybersecurity-landscape
91  Technology Foraging for Cybersecurity Solutions https://www.alienvault.com/blogs/security- essentials/technology-foraging-for-cybersecurity-solutions  And I Think To Myself, What A Virtual World https://itspmagazine.com/from-the-newsroom/and-i-think- to-myself-what-a-virtual-world  Cyber Defense in an Imperfect World, a New Approach http://www.brinknews.com/cyber-defense-in-an- imperfect-world-a-new-approach/  How The Next Administration WillReshape DHS http://www.federaltimes.com/articles/how-the-next- administration-will-reshape-dhs  Elections at Risk in Cyberspace, Part IV: Securing the Vote | SIGNAL Magazine http://www.afcea.org/content/?q=Article-elections-risk-cyberspace-part-iv-securing-vote  The Gender Gap in Cybersecurity Can, and Should Be, Closed http://www.itsecurityplanet.com/from-the- newsroom/the-gender-gap-in-cybersecurity-can-and-should-be-closed  Gen Touhill brings vision, strategy as nation’s first CISO http://www.federaltimes.com/articles/gen- touhill-brings-vision-strategy-as-nations-first-ciso  US must invest more in advanced computing http://thehill.com/blogs/pundits-blog/technology/291013- us-must-invest-more-in-advanced-computin  DHS cyber role elevated in new legislation http://www.federaltimes.com/story/government/dhs/blog/2016/06/15/dhs-cyber-role- elevated-new-legislation/85934982/  Safeguarding Patients and Data In The Evolving Healthcare Cybersecurity Landscape https://www.alienvault.com/blogs/security-essentials/safeguarding-patients-and-data-in-the- evolving-healthcare-cybersecurity-landscape  Socializing Citizen Services In The Public Sector http://bizcatalyst360.com/socializing-citizen-services-in- the-public-sector/
92  Embracing Global Public/Private Cybersecurity Alliances https://www.alienvault.com/blogs/security- essentials/embracing-global-public-private-cybersecurity-alliances  Future Watch – Follow The Tech Leader http://bizcatalyst360.com/future-watch-follow-the-tech-leader/  4 steps to a strong incident response plan | CSO Online http://www.csoonline.com/article/3104203/techology-business/4-steps-to-a-strong-incident-response- plan.html  Cyber Defense in an Imperfect World, a New Approach http://www.brinknews.com/cyber-defense-in-an- imperfect-world-a-new-approach/  NCF-DC1 Washington DC Cyber News Update With Chuck Brooks http://www.logiccentralonline.com/new- cyber-frontier/ncf-dc1/  Ransomware Trending as Weapon of Choice for Hackers http://www.itsecurityplanet.com/from-the- newsroom/ransomware-trending-as-weapon-of-choice-for-hackers  The Government Explores Artificial Intelligence http://thehill.com/blogs/pundits- blog/technology/280481-the-government-explores-artificial-intelligence  DHS's ongoing challenge: Securing soft targets by Chuck Brooks http://www.federaltimes.com/story/government/dhs/blog/2016/03/28/dhss-ongoing-challenge- securing-soft-targets/82350628/  Creating a digital career path for Native Americans http://www.federaltimes.com/story/government/dhs/blog/2016/05/16/creating-digital- career-path-native-americans/84455826/  The Internet Of Things (IoT) Has Arrived – What You Should Know http://infosecurity.ciowatercooler.co.uk/the-internet-of-things-iot-has-arrived-what-you-should- know/
93  NGA's Homeland panel to benefit from Governor Hutchinson’s experience, leadership http://www.federaltimes.com/story/government/dhs/blog/2016/08/10/ngas-homeland-panel-benefit- hutchinsons-experience-leadership/88031784/  DHS cyber role elevated in new legislation http://www.federaltimes.com/story/government/dhs/blog/2016/06/15/dhs-cyber-role-elevated-new- legislation/85934982/  Embracing Global Public/Private Cybersecurity Alliances https://www.alienvault.com/blogs/security- essentials/embracing-global-public-private-cybersecurity-alliances  The Gender Gap in Cybersecurity Can, and Should Be, Closed http://www.itsecurityplanet.com/from-the- newsroom/the-gender-gap-in-cybersecurity-can-and-should-be-closed  Digital Convergence and Cybersecurity https://www.alienvault.com/blogs  The Globality Quotient: Cybersecurity. “Hacked Again” & Women in Digital Universe http://bizcatalyst360.com/cybersecurity-hacked-again-women-in-digital-universe/  4 stepsto a strong incidentresponse plan | CSO Online http://www.csoonline.com/article/3104203/techology- business/4-steps-to-a-strong-incident-response-plan.html  Pathway To The New Era of Quantum Computing https://ctovision.com/2016/06/pathway-new-era- quantu m-computing/  UK/US Cybersecurity Will Thrive Withor Without Brexit http://www.itsecurityplanet.com/from-the- newsroom/uk/us-cybersecurity-cooperation-will-thrive-with-or-without-brexitooperation  Creating a Digital Career Path for Native Americans http://www.federaltimes.com/story/government/dhs/blog/2016/05/16/creating-digital-career-path- native-americans/84455826/  The Rise of the Chief Data Officer https://www.alienvault.com/blogs/security-essentials/the-rise-of-the- chief-data-officer  Ransomware Trending as Weapon of Choice for Hackers http://www.itsecurityplanet.com/from-the- newsroom/ransomware-trending-as-weapon-of-choice-for-hackers
94  The Government Explores Artificial Intelligence http://thehill.com/blogs/pundits- blog/technology/280481-the-government-explores-artificial-intelligence  The Globality Quotient: Cybersecurity (ChuckBrooks Interviewed) http://bizcatalyst360.com/the-global- quotient-cybersecurity/  Chuck Brooks on Cybersecurity: The Weakest Link Will Always Be the Human Element http://www.govtech.com/dc/articles/Chuck-Brooks-on-Cybersecurity-The-Weakest-Link-Will-Always-Be- the-Human-Element.html  DHS's ongoing challenge: Securing soft targets by Chuck Brooks http://www.federaltimes.com/story/government/dhs/blog/2016/03/28/dhss-ongoing-challenge-securing- soft-targets/82350628/  Chuck Brooks, Winner "Cybersecurity Marketerof the Year", Cybersecurity Excellence Awards https://americansecuritytoday.com/chuck-brooks-winner-2016-cybersecurity-excellence-awards/  3 of the biggest concerns about external cyberthreats Phishing attacks employing malware, especially ransomware, is a top cybersecurity concern of Chuck Brooks (@ChuckDBrooks), vice president of government relations and marketing at Sutherland Global Services.“Anyone and everyone is vulnerable,” he said. “The expanding interconnectivity of our devices and the Internet of Things also makes malware a network threat. And with these kinds of phishing attacks, it is often quite difficult to find and prosecute the perpetrators.” http://theartofthehack.com/3-of-the-biggest-concerns-about-external-cyber-threats/  Government R&D can be a catalyst for technological progress http://thehill.com/blogs/pundits- blog/technology/267944-government-rd-can-be-a-catalyst-for-technological-progress  The GSN 2015 Digital Yearbook of Awards- Judge Chuck Brooks Interview https://www.yumpu.com/en/document/view/55008535/the-gsn-2015-digital-yearbook-of-awards/8  Key homeland security priorities to watch in 2016 http://www.federaltimes.com/story/government/dhs/blog/2015/12/15/key-homeland-security- priorities-watch-2016/77368604/  Seven astounding technologytrends for 2016 http://www.securityinfowatch.com/article/12151224/seven-top-technology-trends-for-2016  Preparing for the Coming Millennial Workforce https://www.careersingovernment.com/tools/gov- talk/career-advice/preparing-coming-millennial-workforce/
95  HSN Charles Brooks Interview - The Threat Cyber-security Poses to Homeland Security http://homelandsecuritynet.com/component/contushdvideoshare/player/hsn-tv/hsn-charles- brook-interview?Itemid=  The Internet Of Things (IoT) Has Arrived – What You Should Know http://wavefrontonwireless.com/the- internet-of-things-iot-has-arrived-what-you-should-know/  7 Top Tech Trends Impacting Innovators in 2016 http://www.innovationexcellence.com/blog/2015/12/26/7-top-tech-trends-impacting-innovators-in- 2016/  The alchemy of big data in government http://thehill.com/blogs/pundits-blog/technology/263890-the- alchemy-of-big-data-in-government  Terror bulletins, alerts or nothing at all: Feds try for happy medium ( Chuck Brooks interviewed) http://www.federaltimes.com/story/government/dhs/2016/02/08/homeland-security-alerts/79982178/  The Internet of Things and Cyber- Security: Government Readiness https://www.peerlyst.com/blog- post/the-internet-of-things-and-cyber-security-government-readiness  Smart cities, the Internet of Things and the Blue Revolution: http://thehill.com/blogs/pundits- blog/technology/254779-smart-cities-the-internet-of-things-and-the-blue-revolution  Christopher Gorog - CWC Cyber – Conversation with Chuck Brooks http://www.christophergorog.com/cyber-security/cwc-cyber-1/  Protecting the Internet of Things and livingin Smart Cities: http://www.federaltimes.com/story/government/dhs/blog/2015/09/24/protecting-internet- things-and-living-smart-cities/72742172/  Does Government Need ‘Hardware-Separated’ Operating Systems?: http://www.nextgov.com/technology-news/tech-insider/2015/09/does-government-need- hardware-separated-operating-systems/121826/  Winning With Women - an interview withChuck Brooks: https://milspray.wordpress.com/2015/09/02/winning-with-women-wednesday-first-male-interview-with- chuck-brooks-vp-government-relations-marketing-sutherland-global-services/  The Four Pillars to Navigating Washington, DC (The Hill) http://thehill.com/blogs/pundits- blog/washington-metro-news/217783-navigating-the-four-pillars-of-Washington
96  Interview with Chuck Brooks on key Homeland Security Issues for 2015 (Government Security News) gsn 2014 digital yearbook of homeland securityawards recipients  Homeland Security Interview by Government Security News on Key issues for 2015 http://blog.securityrecruiter.com/2015/02/gsn-2014-digital-yearbook-of-homeland.html  Some catalyzing technologies on the government horizon http://thehill.com/blogs/pundits- blog/technology/238756-some-catalyzing-technologies-on-the-government-horizon  Solving Problems with Technology Convergence http://government.blogs.xerox.com/2015/04/02/solving- problems-with-technology-convergence/#prettyPhoto  Government prioritizes digital engagement (Computerworld) http://www.computerworld.com/article/2931835/it-transformation/government-prioritizes-digital- engagement.html  Department of Homeland SecurityExplores Wearables http://www.wearablevalley.co/department-of- homeland-security-explores-wearables/#more-21  The OPM breach screams for action | SecurityInfoWatch.com https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF- 8#q=The+OPM+breach+screams+for+action.+Chuck+Brooks  Servicing the Internet of Things and the New Digital Economy http://government.blogs.xerox.com/2014/11/21/servicing-internet-of-things-new-digital- economy/#.VKriQCvF91Y  Adopting a cooperative Global Cyber Security Framework to mitigate cyberthreats (before it is too late) http://www.voodootec.com/author/chuckbrooks/  Xerox’s Chuck Brooks: Preparation, Commitment Key for Govt-IndustryCyber Partnerships http://blog.executivebiz.com/2015/01/xeroxs-chuck-brooks-preparation-commitment-key- for-govt-industry-cyber-partnerships/  Carahsoft Citizen Engagement Seminar (Chuck Brooks on Panel) https://www.carahsoft.com/learn/event/1733-carahsoft-citizen-engagement-seminar  DHS, FBI stepping up digitization of Records http://archive.federaltimes.com/article/20140827/BLG04/308270010/DHS-FBI-stepping-up-digitization- records
97  Internet of Things, New Frontier of Technology Convergence http://government.blogs.xerox.com/2014/08/27/iot-new-frontier-technology-convergence/#prettyPhoto  Wearables Bring New Sense of Fashion to Public Sector http://www.nextgov.com/technology-news/tech- insider/2015/02/wearables-bring-new-sense-fashion-public-sector/104679/  DHS: A decade (and more) of competing congressional oversight http://www.federaltimes.com/article/20140718/BLG04/307180011/DHS-decade-more-competing- congressional-oversight  Huffington Post Cybersecurity Industry Interview WithXerox's Chuck Brooks http://www.huffingtonpost.com/brian-e-finch/cybersecurity-industry- in_2_b_4620232.html?utm_source=Alert- blogger&utm_medium=email&utm_campaign=Email%2BNotifications  The DHS's vital role in confronting the threat of pandemics and bioterrorism |Federal Times http://www.federaltimes.com/article/20141104/BLG04/311040018/The-DHS-s-vital-role- confronting-threat-pandemics-bioterrorism  "Why You Should Be Excited About Future Tech" (InformationWeek) http://www.informationweek.com/strategic-cio/executive-insights-and- innovation/why-you-should-be-excited-about-future-tech/d/d-id/1114036?  Dick Tracy and the Benefits of Virtual Government http://government.blogs.xerox.com/?s=virtual+government  Critical Infrastructure Cybersecurity Takes Center Stage A Decade After The 9/11 Commission Report http://www.counciloncybersecurity.org/articles/critical-infrastructure-cybersecurity-takes-center- stage-a-decade-after-the-9-11-commission-report/  Creating resilience with public/private partnerships—and planning (MIT Sloan Blog) http://executive.mit.edu/blog/2014/02/creating-resilience-with-publicprivate-partnerships-and- planning/  DHS’s Special Partnership withNative Americans (Indian Country News) http://www.indiancountrynews.com/index.php/news/26-mainstream-politics/13958-dhs-s- special-partnership-with-native-americans
98  TechNOW – Interview with Charles Brooks, VP, Department Homeland Securityat Xerox https://www.youtube.com/watch?v=t8WXYOotJh8  Homeland Security is Back in the Limelight By Chuck Brooks (The Hill) http://thehill.com/blogs/pundits- blog/homeland-security/230788-homeland-security-is-back-in-the-limelight  Critical Infrastructure Cybersecurity Takes Center Stage A Decade After The 9/11 Commission Report http://www.counciloncybersecurity.org/articles/critical-infrastructure-cybersecurity-takes-center- stage-a-decade-after-the-9-11-commission-report/#tweet-link  Transportation security: Back to the future http://thehill.com/blogs/pundits-blog/212288-transportation- security-back-to-the-future  Chief Data Officers in the Government – What Role Should TheyPlay? https://government.blogs.xerox.com/2015/02/20/chief-data-officers-government-what-role-should-they- play/?utm_content=sf36444741&utm_medium=spredfast&utm_source=twitter&utm_campaign=Corporat e+Channels&CMP=SMO-Facebook+sf36444741#.VSLkIJh0xdh  Mining Big Data for What It’s Worth http://government.blogs.xerox.com/2014/12/05/big-data-what-its- worth/#.VSLft5h0xdg  Charles Brooks to present June 26 webinar on evolving DHS role in Strategic Cyber Operations http://www.gsnmagazine.com/article/41412/charles_brooks_linkedin_homeland_security_dis cussi  The public/private imperative toprotect the grid by ChuckBrooks (Federal Times) http://www.federaltimes.com/article/20140616/BLG04/306160008/The-public-private- imperative-protect-grid  How S&T drives innovationat DHS" http://www.federaltimes.com/article/20140423/BLG04/304230005/How-S-T-drives-innovation-DHS  “Human Factors” and Biometrics at DHS: http://www.biometricupdate.com/author/chuck-brooks  The public/private imperative toprotect the grid http://archive.federaltimes.com/article/20140616/BLG04/306160008/The-public-private-imperative- protect-grid  Government SecurityNews 2013 Homeland Security Awards (Lead Judge) http://www.gsnmagazine.com/node/39332?c=federal_agencies_legislative
99  Securing the Cyber Ecosystem through Protection Projects and Planning (HomelandSecurityWeek presentation) http://www.homelandsecurityexpo.com/speakerinfo.aspx?tp_spkid=105234  Tech Interviews Featured on House Homeland Security Website http://article.wn.com/view/2015/03/13/House_Committee_on_Homeland_Security_Schedule_f or_March_1620/  DHS Secretary Jeh Johnson revitalizes the 'One DHS' vision http://www.federaltimes.com/article/20140513/BLG04/305130012/DHS-Secretary-Jeh- Johnson-revitalizes-One-DHS-vision  Chuck Brooks interview publishedin SecurityInfoWatch onthe application of lessons learned from last year's Boston Marathon bombings. "Boston Marathona case study in lessons learned following last year's bombing tragedy" bySteve Lasky http://www.securityinfowatch.com/article/11416172/boston- marathon-security-measures-make-for-a-different-event  DHS as the Epicenter for Cybersecurity in Government (Government Security News): http://www.gsnmagazine.com/node/32882?c=cyber_security  Native Americans key to border security success http://thehill.com/blogs/pundits- blog/immigration/214494-native-americans-key-to-border-security-success  Government cyber securityprograms mandatedto go commercial (Cygnus Media): http://mobile.securityinfowatch.com/article/11151600/congressional-hearings-have-called- attention-to-the-need-for-better-cooperation-between-government-agencies-and-the-private-sector  Three keys to unlocking tech treasures -- Focus on collaboration, STEM and 'foraging' (Federal Times) http://www.federaltimes.com/apps/pbcs.dll/article?AID=2013310280011  Strategic Cyber Operations Webinar: The Evolving Role of Cybersecurity at the Department of Homeland Security by Chuck Brooks at GWU http://cps.gwu.edu/strategic-cyber-operations-webinar-evolving-role- cybersecurity-department-homeland-security  “Why You Should be Excited about Future Tech”. Key topics: The digital age and the Internet of Things; Health & Medicine; and, Manufacturing http://www.cata.ca/Media_and_Events/Press_Releases/cata_pr07041401.html  Public/Private Partnerships (FORBES): http://www.forbes.com/sites/xerox/2013/08/12/successful_public_private_partnerships/
100  Chuck Brooks presentations at Global Risk Expo in ASTANA, KAZAKHSTAN http://astanaforum.org/2014/events/international-expo-conference-global-risk-expo  Featured Speaker:Chuck Brooks - Homeland SecurityWeek 2015 http://www.homelandsecurityweek.com/SpeakerInfo.aspx%3Ftp_spkid%3D105234  Featured Speaker: Homeland Security Week 2014 Conference https://www.asdevents.com/event_speakers.asp?id=3323&desc=Homeland+Security+Week+ 2014+Conference  Using Social Media to Link In to Government: http://bizcatalyst360.com/linking-government/  Xerox’s Charles Brooks: Gov’t Agencies Seek to Accelerate Record Digitization http://blog.executivebiz.com/2014/08/xeroxs-charles-brooks-govt-agencies-seek-to- accelerate-record-digitization/  The National Press Club Hosts Global Leadership Challenges: Government and Private Sector Leaders Share Innovation, Talent and Regulatory Strategies (Presenting) http://www.prweb.com/releases/2014/02/prweb11609927.htm  Tech & Innovation thought leader ChuckBrooks joins The Franklin FoundationBoard of Directors http://www.prlog.org/12396042-tech-innovation-thought-leader-chuck-brooks-joins-the- franklin-foundation-board-of-directors.html  Interview with Chuck Brooks: Talking LinkedIn Strategywith Mark Amtower | Hinge http://www.hingemarketing.com/blog/story/talking-linkedin-strategy-with-mark-amtower  Featured Speaker: 4th Annual Human Cyber Forensics Conference: https://www.fbcinc.com/e/HCFC/speakers.aspx  How Big Data Will Revolutionize Aviation Security (ChuckBrooks Interviewed) http://www.hstoday.us/index.php?id=483&cHash=081010&tx_ttnews%5Btt_news%5D=322 17  Xerox’s Charles Brooks: Gov’t Agencies Seek to Accelerate Record Digitization http://blog.executivebiz.com/2014/08/xeroxs-charles-brooks-govt-agencies-seek-to- accelerate-record-digitization/
101  Transaction Processing is at the Root of Data Analytics http://government.blogs.xerox.com/2014/06/11/transaction-processing-root-of-data- analytics/#prettyPhoto  BizCatalyst 360: Digital Government Yields Customer Service Innovation http://bizcatalyst360.com/digital- government-yields-customer-service-innovation/  Government SecurityNews: Charles Brooks, Linkedin Homeland Security discussion leader, topresent June 26 webinar on evolving DHS role in StrategicCyber Operations http://gsnmagazine.com/node/41412?c=cyber_security  Digital Government Yields Exciting Innovation http://government.blogs.xerox.com/2014/05/28/digital- government-yields-exciting-innovation/  Transforming US Border Crossing http://government.blogs.xerox.com/2014/05/21/transforming-u-s- border-control-processing-through-automation/  Radio Interview: All things LinkedIn - FederalNewsRadio.com http://www.federalnewsradio.com/239/3691601/All-things-LinkedIn  Chuck Brooks interview publishedin SecurityInfoWatch onthe application of lessons learned from last year's Boston Marathon bombings. "Boston Marathona case study in lessons learned following last year's bombing tragedy" bySteve Lasky http://www.securityinfowatch.com/article/11416172/boston- marathon-security-measures-make-for-a-different-event  DHS's Special Partnership with Native Americans Homeland Security Today http://www.nxtbook.com/nxtbooks/kmd/hst_201310/#/12  Pausing Before Tapping “Connect:” Can Privacy and Security ... http://airpatrolcorp.com/2015/01/27/internetofthings/  The Future of Social Media (Chuck Brooks quote) http://www.business2community.com/social- media/future-social-media-60-experts-share-2014-predictions-0718083  Next Practices Institute Events - Executive Next Practices Institutehttp://www.enpinstitute.com/events/  What Government Agencies Can Learn From The Private Sector (FORBES) http://www.forbes.com/sites/xerox/2013/10/02/government-agencies-eye-contact-centers-for- consolidation-3-takeaways-from-the-private-sector/  Xerox Real Business Radio Online Radio | BlogTalkRadio http://www.blogtalkradio.com/xeroxradio
102  Interview - Global Radio Talk Show – Interviews with Business Leaders ... http://globalradiotalkshow.com/  Xerox exec Chuck Brooks to discuss global cybersecurity threats at MIT Forum Moscow http://www.gsnmagazine.com/node/33583?c=access_control_identification  Government cyber securityprograms mandatedto go commercial (Cygnus Media): http://mobile.securityinfowatch.com/article/11151600/congressional-hearings-have-called- attention-to-the-need-for-better-cooperation-between-government-agencies-and-the-private-sector  The National Press Club Hosts Global Leadership Challenges: Government and Private Sector Leaders Share Innovation, Talent and Regulatory Strategies (Presenting) http://www.prweb.com/releases/2014/02/prweb11609927.htm  Mobile Apps Continue to Shape Government Agencies http://government.blogs.xerox.com/2014/10/15/mobile-apps-continue-to-shape-government- agencies/#.VjZQ1_mrTIU  Combining Legislation and technologyfor Better Government Service http://zone.tmcnet.com/topics/articles/355948-combining-legislation-technology-better- government-customer-service.htm  Radio Interview: The U.S. Needs a Proactive Approach To Combat Cybercrime https://www.centerforsecuritypolicy.org/2014/04/16/the-u-s-needs-a-proactive-approach-to- combat-cybercrime/  Featured Speaker; Symposium on Homeland Security & Defense http://symposiumonhomelandsecurity.com/wp-content/uploads/2015/03/2015-Symposium-on- Homeland-Security__Draft-Schedule-3_30_15.pdf  Interview with Chuck Brooks The Business Edge | VoiceAmerica™ http://www.voiceamerica.com/show/2186/the-business-edge  Featured Speaker; The Counter Terrorist magazine http://www.thecounterterroristmag.com/conference/  Moderator, Technology Conference - Association for Corporate Growth http://www.acg.org/boston/technologyconference.aspx  Featured Speaker: 4th Annual Human Cyber Forensics Conference: https://www.fbcinc.com/e/HCFC/speakers.aspx
103  Featured Speaker; The CyberMaryland Conference - Federal Business Council, Inc. http://www.fbcinc.com/e/cybermdconference/speakers.aspx  Cybersecurity 2014: Beyond the NIST framework - FedScoop http://fedscoop.com/cybersecurity-2014- beyond-nist-framework/  How Wearable Devices Can Transform Contact Center Operations http://www.customerexperiencereport.com/strategy-and-trends/wearable-devices-can- transform-contact-center-operations/  Interview: TechNOW -- with Charles Brooks, VP, Department Homeland Securityat Xerox: What are your Homeland Security views? http://www.cata.ca/Media_and_Events/Press_Releases/cata_pr01301501.html  How To Successfully Implement Social Media For Business Development In Government https://howtomeasuresocialmediaingo2015.sched.org/event/c88310c3c0bb9a12dcc3742b7d 609543#.VSK8z5h0xdg  Listed as one of the top 50 in "Data Sciences" on LinkedIn “25 Data Scientists Popular onLinkedIn” Posted by Vincent Granville http://www.datasciencecentral.com/profiles/blogs/25-data-scientists- popular-on-linkedin  Keeping Pace With a Streamlined Service Approach http://www.datasciencecentral.com/profiles/blogs/25-data-scientists-popular-on-linkedin  Cybersecurity 2014: Beyond the NIST framework http://fedscoop.com/cybersecurity-2014-beyond-nist- framework/  Featured Speaker: Social media in Government conference http://aliconferences.com/events/social- media-in-government_0515/  CyberTECH Network | Advisors http://cybertechnetwork.org/advisors/  CYBER CRIME & IDENTITY THEFT IN A GLOBAL BUSINESS ENVIRONMENT http://www.ctcbiz.org/upcoming/flyers/cyber2014/CTC%20Cyber%20Security%202014%2 0Outline.pdf xerox | GovCon Executive http://www.govconexecutive.com/%3Fs%3Dxerox  Chuck Brooks, Featured Speaker at Press Club on Doing Business in Washington, DC Washington '14 March - Global HR Newshttp://www.globalbusinessnews.net/conf.asp%3Fcid%3D271
104  Public/private partnership is key to be competitive in any market. The Know How http://asiasecuritynews.com/6299/publicprivate-partnership-is-key-to-be-competitive-in-any- market-the-know-how/ References and Recommendations:
105
106
107 Edward Youis a SupervisorySpecialAgentinthe FBI’sWeaponsof MassDestructionDirectorate,Biological Countermeasures Unit.Mr. You isresponsible forcreatingprogramsandactivitiestocoordinate andimprove FBIandinteragencyeffortsto identify,assess,andrespondtobiological threatsorincidents.These effortsincludeexpandingFBIoutreachtothe Life Sciencescommunitytoaddressbiosecurity.Before beingpromotedtothe Weaponsof Mass DestructionDirectorate,Mr.You was a memberof the FBI Los AngelesFieldOfficeJointTerrorismTaskForce andservedonthe FBI HazardousEvidence Response Team. Mr. You hasalso beendirectlyinvolvedinpolicy-makingeffortswithafocusonbiosecurity.He isan active WorkingGroup memberof the National SecurityCouncilInteragencyPolicyCommittee onCounteringBiologicalThreatsandan Ex Officio memberof the NIH National Science AdvisoryBoardforBiosecurity.He alsoservesontwocommitteesforthe National Academiesof Sciences,the Institute of Medicine’sForumonMicrobial Threatsandthe Committee onScience,Technology,and Law’sForum on SyntheticBiology June Klein , CEO Technology & Marketing Ventures, Inc; Electronic- BoardroomTMVi(r) Solutions; EmpowernatorJune(tm) Next Practices; Chuck and I served as “invite-only, vetted and trusted advisors” to the Bill and Melinda Gates Foundation - Technology Partner Network. Throughout the 2year strategic program, Chuck was a pleasure to collaborate with toward accelerating solutions on a range of global challenges facing the foundation and its grantees. He was generous in sharing his articles in prestigious publications, contacts to DC decision-makers and access to his featured speaker and award events. Currently, I am honored that Chuck choseme to be a manager of his “Emerging & Futuristic Technologies LinkedIn Group”. Chuck has huge followings on social networks and diligently responds to his thousands of friends on focused subject matters. He is a holistic thinker grounded in government, industry and academia leadership. I value any opportunity to work with Chuck to team
108 with strategic partners that can benefit from scaling my IOT, cybersecurity, resiliency and video initiatives. I think very highly of Chuck, bothpersonally and professionally. This is also evidenced by my recommending him to my UK Merchant Bank’s Virtual Technology Cluster as a speaker and director of their Cybersecurity program blending entrepreneurial firm innovations with Lockheed Martin’s productdevelopment process. I am confident that if you hire Chuck for any leadership, director, team, award or speaking slots, he will contribute to catapulting your success and achieving your goals. Besides his many skills, he is a very nice personas well. Feel free to contactme if you want any further evidence. Dexter Ingram Senior Advisor, INTERPOL I have had the pleasure of knowing Chuck for over 10 years, since he was at DHS and I was on the House Select Committee on Homeland Security. He is a consummate professional who has a deep understanding of the issues,process, and people involved in the world of homeland security and Law enforcement. His breadth of experience derived from working on The Hill, in government, in
109 academia, in industry, and with the media make him truly unique. I most highly recommend Chuck and look forward to continuing working together. Holger Schulze B2B Tech Marketing Entrepreneur | Marketing-as-a-Service Chuck was selected "Cybersecurity Marketer of the Year" at the 2016 Cybersecurity Excellence Awards. This was quite an accomplishment as the awards were highly competitive with hundreds of entries and Chuck was one of the leading vote getters overall. This award reflects the information community's recognition of Chuck's excellence in the cybersecurity and homeland security space. I follow Chuck's prolific and informative writings and speeches on the topics of cybersecurity, homeland security, IoT, futurism, and emerging technologies -- many of which are re-posted in our 300,000 members Information Security Community LinkedIn Group. It a real pleasure to endorse Chuck for his great depth of experience, professionalism, capabilities and for his dedication to promoting cyber security issues. Mike Bowers Former President of Xerox Federal, Federal Government Services Executive & Advisor
110 It was a real pleasure working with Chuck at Xerox. He served us as a thought leader on technology, BPO, homeland security and other important issues. He has exceptional depth on complex technology issues and an uncanny ability to rapidly write penetrating articles that were very well received in the media and Inside The Beltway. His contacts/relationships at DHS as well as his Rolodex of those in industry and government is second to none and served his BD colleague well. Most of all he was a professional and great person to work with. I give Chuck my highest recommendation. Thomas A. Cellucci, PhD, MBA Founder, Chairman & CEO Cellucci Associates, Inc. It is indeed a distinct pleasure to provide this recommendation for Chuck. To put it simply, Chuck possesses boththe strategic vision and tactical discipline to get results--period. Having said that, his keen intellect is only matched by his genuine good nature and helpful attitude towards others. I would recommend Chuck for any business activity he would undertake.
111 Herbert E. Spiegel, Ph.D,MBA President & Chief Science Officer at Applied Science & Technology Associates, LLC Chuck is an excellent sourceof information on the national and international scene. He is a mentor of the first order, with respectto the science and political aspects of Homeland Security and the myriad of issues surrounding that discipline. He is modestin his expertise and easily approachable. He is a valuable guide, willing to share his vast experience. Simon Szykman Chief Technology Officer, Federal Services at Attain Chuck and I were colleagues when we were both serving at the Department of Homeland Security. Chuck was a pleasure to work with and is a consummate professional with executive management and substantive issue expertise, particularly in technologies relating to DHS. Chuck also brings a special blend of experience to the table, having successfully served in leadership roles in industry, as well as executive and legislative branches of government. Chuck is a relationship builder, a
112 "connector" of both opportunities and people. I highly recommend Chuck and look forward to continuing to work with him in the future. Admiral Jay Cohen President at JayMCohen LLC From my Senate confirmation hearings, through two years of re-inventing the Dept of Homeland Security Science & Technology Directorate (which was described by the Congress in 2006 as a "rudderless ship with no one at the helm" and in danger of the Congress rescinding $200M in FY 07), Chuck Brooks as Director of Legislative Affairs at DHS was INVALUABLE to me, the DHS S&T Directorate, DHS, the Nation AND Congress in making the "reformation" of DHS S&T a complete success. His Hill/DC acumen, insight, reliability, ability to develop highly effective congressional interaction/communications is WITHOUT PEER in my nearly 16 years dealing with senior executive branch officials, industry, academia and the Congress. He has my strongest recommendation for executive positions of high responsibility in government relations/ business development. Hon. Jay M Cohen (Rear Admiral, US Navy, ret.)
113 George Romas Chief Engineer, Cybersecurity at DXC Technology Chuck spent some quality time with our small startup company. He opened a lot of doors for us, providing introductions to potential investors and partners, as well as well-connected individuals on the Hill. Chuck also provided invaluable assistance in forming our company and productstrategy. Pam Turner Managing Director at Prime Policy Group March 23, 2009, Pam managed Chuck directly Chuck was among the "start-up" team at DHS, and had responsibility for a wide range of complex issues and challenging proceduralsituations. His knowledge of the issues, familiarity with the political process, attention to detail, and his professionalism earned him the trust and respect of his Congressional contacts, his DHS associates, and all those who sought his counsel and help. Chuck is a "can-do" person, and I strongly recommend him. Timothy N. Teen CEO & Board at InSitech, Inc
114 Chuck is very knowledgeable in government affairs, the military and security sectorand is a diligent executive who is great to work with. While at the US Army's Picatinny Arsenal/ARDEC as well as with CVP, my team worked closely with Chuck in vetting technologies and services with applications for homeland security and defense. He has an acumen for technology issues, strong knowledge of investment banking/due diligence processes,and really knows his way around government bureaucracies. He is a collaborator who is committed to building great relationship and producing results and I most highly recommend him. Chuck Brooks References: * Admiral Jay Cohen (US Navy Ret), former Undersecretary of Science & Technology and the Department of Homeland Security and former Director of Naval Research for Department of Defense * Hon. Michael Chertoff, former Secretary of Homeland Security * StevenPomerantz, Former Director of Counterterrorism for the FBI
115 Thursday, June 30, 2016 from 8:00 AM to 6:00 PM The Ritz-Carlton Tysons Corner • Learn from Security Experts & Advisors Including: Chuck Brooks Speaking on Panel 1: Protecting the Enterprise from the Growing Risk of Security Breaches as it Relates to the Internet of Things
116 Meeting: BOARD ON LIFE SCIENCES and BOARD ON CHEMICAL SCIENCES AND TECHNOLOGY Safeguarding the Bioeconomy III Safeguarding the Bioeconomy III: Securing Life Sciences Data Speaker: Charles (Chuck) Brooks serves as the Vice President for Government Relations & Marketing for Sutherland Global Services. Chuck also serves as Chairman of CompTIA’s New and Emerging Technology Committee, and he serves as subject Matter Expert to The Homeland Defense and Security Information Analysis Center (HDIAC), a Department of Defense (DOD) sponsored organization through the Defense Technical Information Center (DTIC). In government, he served at the Department of Homeland Security as the first Director of Legislative Affairs for the Science & Technology Directorate. Chuck also spent six years on Capitol Hill as a Senior Advisor to the late Senator Arlen Specter where he covered foreign affairs, business, and technology issues .In academia, Chuck was an Adjunct Faculty Member at Johns Hopkins University where he taught graduate level students about homeland security and Congress. He has an MA in International relations from the University of Chicago, and a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law. Chuck is widely published on the subjects of innovation, public/private partnerships, emerging technologies, and issues of homeland security and cybersecurity
117
118 From “Cybersecurity is Top Business Priority in 2017” https://www.bebee.com/producer/@dbgrinberg/cybersecurity-is-top-business-priority-in-2017 In assessing the severity of security flaws in cyberspace, I spoke with several experts in the field. Charles “Chuck” Brooks is the vice president for government relations and marketingfor Sutherland Government Solutions. He served at DHS as the first director of legislative affairs for the Science and Technology Directorate. He ominously points out: "The reality is that the more digitally interconnectedwe become in our work andpersonal lives, the more vulnerable we become." -- Chuck Brooks Mr. Brooks adds: "Mitigating cyberthreats will grow as a priority for business, and for us personally, if we are to commercially functionand prosper." But how can companies successfully mitigate cyberthreats? His advice: "The C-suites and governingboards of corporations will need to invest in better enterprise and endpoint security toprevent phishing and malware probes by hackers. This will also require better training of executives and employees in basic information securitymeasures."
119 The Imperative to Address Security Concerns of the Rapidly Evolving Internet of Things BY CHUCK BROOKS  JAN 20, 2019
120 The Internet of Things (IoT) broadly refers to devices and equipment that are readable, recognizable, locatable, addressable and/or controllable via the internet. This includes everything from edge computing devices to home appliances, from wearable technology to cars. IoT represents the melding of the physical world and the digital worked, as sensors are not costly and wireless access is now ubiquitous. These days, if a device can be turned on, it can most likely be connected to the internet. Because of this, data can be shared quickly across a multitude of objects and devices, thereby increasing the rate of communications. According to a recent EY (Ernst & Young) study, Cybersecurity and the Internet of Things, it is estimated that the number of connected devices globally will exceed 50 billion by 2020. Fulfillment of this forecast will give any business, no matter the industry, access to endless amounts of vital, real-time data about their company and customers. Inside and outside the workplace, IoT has the capacity to greatly change the way we work and live. In terms of economic impact, the McKinsey Global Institute estimates that the Internet of Things has the potential to impact economies up to $6.2 trillion annually by the year 2025. Unfortunately, there are some pressing cybersecurity challenges associated with IoT. According to a study conducted in April of 2017 by The Altman Vilandrie & Company, nearly half of U.S. firms using the Internet of Things have experienced cybersecurity breaches. The study surmised that the cost of the breaches represented 13.4% of the total revenues for companies with revenues under $5 million annually and tens of millions of dollars for the largest firms. Nearly half of firms with annual revenues above $2 billion estimated the potential cost of one IoT breach at more than $20 million. The potential of IoT for both the public and private sectors is undeniable. But given the costs of a data breach and frequency of IoT-related security incidents, companies, agencies and consumers also need to understand the cybersecurity risks associated with an increasingly inter-connected global society. The billions of connected devices and trillions of sensors enabling IoT are creating an immense attack surface of insecure endpoints and web interfaces with pervasive vulnerabilities for hackers to exploit. There are estimates that nearly half of all companies in the United States that use an Internet of Things (IoT) network have been affected by a security breach. A recent Federal Trade Commission report called attention to the fact that just 10,000 households can generate 150 million data points daily, which provides a significant number of entry points for hackers. The prevailing perspective from a security operations perspective is that anything can be hacked in the Internet of Things. Most alarming, because of the connectivity of IoT, viruses can spread further and more rapidly. Also, there are unique challenges to IoT devices. Unlike laptops and smartphones, most IoT devices possess fewer processing and storage capabilities. This makes it difficult to employ anti-virus, firewalls and other security applications that could help protect them. At the same time, edge computing intelligently aggregates local data, making it a concentrated target for sophisticated threat actors.
121 The security challenge comes down to understanding what is connected in the IoT landscape, knowing how to best protect the most important assets and effectively mitigating and remediating a security incidents and breaches. A first step is building this security capability is to create an IoT risk management framework. A risk management approach is fundamental to anything involving security, whether it is physical or digital. IoT combines both those elements. Cybersecurity must address technology, interoperabilit, business, and consumer risk. There are no failsafe solutions, and the task of securing IoT is monumentally difficult, especially as connectivity grows. A viable risk management strategy requires stepping up assessing situational awareness, policies & training, technology integration, information sharing, mitigation capabilities and cyber resilience. An IoT security framework has unique security characteristics and must consider the requirements of changing default passwords on manufactured delivered devices. It should also analyze the impact of segmentation and/or isolation of IoT devices on reducing risk and attack surfaces. The end goal is to optimize solutions and services and determine what level of security is required for implementation. More specifically, the framework should be defined by the most basic elements and best practices in managed risk: layered vigilance (intelligence, surveillance); readiness (operational capabilities, visual command center, interdiction technologies); and resilience (coordinated response, mitigation and recovery). The complexity, diversity and lack of regulations of the IoT ecosystem pose a significant challenge to creating an operational IoT risk management framework. This is especially a concern in the amalgamation of legacy and new technologies in networks. For some time, the creation of standards to protect IoT devices has been a topic of discussion among governments, industry and organizations. It is a difficult quest because manufactures do not share many design elements and metrics, so standards are not easy to establish. Professional associations are attempting to set standards for functional IoT compatibility in the meantime. For example, the IEEE Standards Association is working on creating a cross-domain architectural frame work called the P2413 Standard for an Architectural Framework for the Internet of Things. Another IoT standard is being proposed by the Industrial Internet Consortium (IIC) for critical infrastructure. Yet another IoT standard effort involves the one M2M alliance. The group is developing technical specifications that address the need for a common M2M (machine-to-machine) Service Layer. While standards may or may not be adopted, lessons learned from the discussion can add to creating a more efficient security posture. Recently, the United States Government Accountability Office issued an assessment of the status and security issues surrounding the Internet of Things. The GAO identified the following type of attacks as primary threats to IoT:
122  Denial of Service  Malware  Passive Wiretapping  Structured query language injection (SQLi controls a web application’s database server)  Wardriving (search for Wi-Fi networks by a person in a moving vehicle)  Zero-day exploits Ransomware (in conjunction with malware) would be a good add to the GAO list. A variant of ransomware called “WannaCry” spread swiftly in 2017 and 2018, reaching over 100 countries and infecting over 200,000 computers. WannaCry disrupted government entities and many organizational and company networks that have connectivity to IoT. The Department of Homeland Security (DHS) and National Institute of Standards and Technology (NIST) also have released new security guidelines for the Internet of Things. This was done after a massive distributed denial-of-service attack targeted devices and shutdown many popular websites like Twitter and Etsy in 2016. The adoption of a common set of standards for manufactures and providers, combined with the promotion of security best practices, will help bring a higher level of security for IoT devices. Unfortunately, the longer the wait, the more difficult it will be to implement a compliance framework that allows for patching and auditing as well as tracking threats. IoT attacks will likely never be fully prevented, but there is an assortment of policies and technology tools that can help. These measures include machine learning and artificial intelligence and threat automation using real-time and predictive analytics. Also, IoT security is should include elements of access control, credential verifications, encryption and hardening of systems, applications and endpoints. As a society on the verge of unparalleled exponential connectivity, we are entering unchartered digital territory. New risks and unforeseen issues will no doubt confront us as the Internet of Things continues to evolve and expand. To address the potential perils of IoT, we need to develop working standards, build IoT security risk frameworks and develop emerging technologies to mitigate and remediate cyber-attacks. Security of IoT must be more than a priority; it needs to be an imperative.
123
124 Leadership Role Suits DHS in Cybersecurity Evolution May 29, 2018 by Chuck Brooks
125 https://www.hstoday.us/federal-pages/dhs/perspective-leadership-role-suits-dhs-in-cybersecurity-evolution/
126
127 U.S. Immigration and Customs Enf orcement’s Homeland Security Inv estigations Cy ber Crimes Unit helps track down those committing crimes in cy berspace. Here an ICE agent scans a suspect hard driv e. (ICE photo) Last month the Department of Homeland Security (DHS) unveiled its new cybersecurity strategy. DHS characterizes the strategy as providing “the Department with a framework to execute our cybersecurity responsibilities during the next five years to keep pace with the evolving cyber risk landscape by reducing vulnerabilities and building resilience; countering malicious actors in cyberspace; responding to incidents; and making the cyber ecosystem more secure and resilient.” In the strategy document, DHS cybersecurity goals for the next five years are succinctly stated:  “Goal 1: Assess Evolving Cybersecurity Risks. We will understand the evolving national cybersecurity risk posture to inform and prioritize risk management activities.  Goal 2: Protect Federal Government Information Systems. We will reduce vulnerabilities of federal agencies to ensure they achieve an adequate level of cybersecurity.  Goal 3: Protect Critical Infrastructure. We will partner with key stakeholders to ensure that national cybersecurity risks are adequately managed.  Goal 4: Prevent and Disrupt Criminal Use of Cyberspace. We will reduce cyber threats by countering transnational criminal organizations and sophisticated cyber criminals.  Goal 5: Respond Effectively to Cyber Incidents. We will minimize consequences from potentially significant cyber incidents through coordinated community-wide response efforts.  Goal 6: Strengthen the Security and Reliability of the Cyber Ecosystem. We will support policies and activities that enable improved global cybersecurity risk management.  Goal 7: Improve Management of DHS Cybersecurity Activities. We will execute our departmental cybersecurity efforts in an integrated and prioritized way.” Clearly, DHS has taken another step in fortifying its role as the lead civilian agency in the federal government for cybersecurity. DHS’s responsibility to protect against cyber threats has evolved significantly from early days of the department and its creation under the Homeland Security Act of 2002.
128 The DHS Mission Vision and Strategic Goals were crafted shortly after its legislative inception. Succinctly, the mission: “We will lead the unified national effort to secure America. We will prevent and deter terrorist attacks and protect against and respond to threats and hazards to the Nation. We will ensure safe and secure borders, welcome lawful immigrants and visitors, and promote the free flow of commerce.” The vision: “Preserving our freedoms, protecting America … we secure our homeland. Strategic Goals: Awareness, Prevention, Protection, Response, Recovery, Service, Organizational Excellence.” Fifteen years ago, CBRNE – Chemical, Biological, Radiological, Nuclear, and Explosives – were the threats of top concern of the mission vision and strategic goals. Cybersecurity was on the agenda and was a key focus along with interoperable communications. Because of the exponential growth of the internet of things, mobile devices, big data, and digital commerce, cybersecurity has grown immensely as a key priority while DHS has assumed more of a formal government role in the civilian cyber arena. A predominant reason for the enhanced focus on cybersecurity has been the rapid changes in the information technology landscape. Since 2002, the capabilities and connectivity of cyber devices and communications have grown exponentially. So have the cyber intrusions and threats from malware and hackers, requiring restructuring of priorities and missions. The cyber threat reaches far beyond ISIS and al-Qaeda, and includes hacktivists, various organized criminal enterprises and adversarial nation-states. In the past few years, a prime target of cyber intrusions has been the nation’s critical infrastructure, such as financial systems, chemical plants, water and electric utilities, hospitals, communication networks, commercial and critical manufacturing, pipelines, shipping, dams, bridges, highways and buildings. These incidents are not sector-specific and represent a challenge to preparation, budget and technical resources. A change in these risk environments has corresponded with a heightened DHS collaboration with other agencies, and especially the private sector stakeholders who own most of the nation’s vital infrastructure. DHS has had to step up assessing situational awareness, information-sharing and resilience research and development plans with these stakeholders to mitigate risk and protect critical infrastructure and key resources.
129 In the past few years, a prime target of cyber intrusions has been the nation’s critical infrastructure, such as financial systems, chemical plants, water and electric utilities, hospitals, communication networks, commercial and critical manufacturing, pipelines, shipping, dams, bridges, highways and buildings. In a recent speech at the 2018 Critical Infrastructure Summit, Secretary Kirstjen Nielsen also spoke to her cybersecurity priorities. Those priorities include addressing systemic risk and catastrophic risk through the collective defense model where government and industry work closer together, especially in the area of information sharing. Protecting the civilian federal cyber systems and strengthening the cybersecurity of the election infrastructure are also DHS critical cybersecurity priorities. DHS’s integral role in cyber preparedness, response and resilience are now accepted by other federal agencies, including the leadership of the defense and intelligence agencies. Retired Gen. Keith Alexander, former commander of USCYBERCOM and former director of the National Security Agency (NSA), noted recently that it is appropriate to put DHS in “the middle” of the issue. DHS, as a civilian agency, should take a leading role in safeguarding the nation’s cybersecurity preparedness. The Department of Defense (DoD) retains responsibility for offensive cybersecurity capabilities, including cyber warfare. A change in these risk environments has corresponded with a heightened DHS collaboration with other agencies, and especially the private-sector stakeholders who own most of the nation’s vital infrastructure. DHS has had to step up assessing situational awareness, information sharing and resilience research and development plans with these stakeholders to mitigate risk and protect critical infrastructure and key resources. There are multiple executive policy components that clarify DHS’s heightened role in the federal cybersecurity arena. The original enforcement authority in cybersecurity was spelled out under the Homeland Security Act (Section 2010) and reinforced by Homeland Security Presidential Directive 7 (HSPD-7), which stipulated that DHS “serve as a focal point for the security of cyberspace.” Subsequently, President George W. Bush established the Comprehensive National Cybersecurity Initiative (CNCI), pursuant to HSPD-23/NSPD-54. The CNCI laid the foundation for setting goals to meeting the full spectrum of cyber threats and many of the current policies stem from that initiative.
130 In July 2010, the Office of Management and Budget (OMB) assigned DHS the primary responsibilities for overseeing the federal-wide information security program and evaluating its compliance with the Federal Information Security Management Act of 2002 (FISMA). DHS is responsible for overseeing the protection of the .gov domain and also for detecting and responding to malicious activities and potential threats. DHS is also charged with annually reviewing the cybersecurity programs of all federal departments and agencies. The federal interagency Quadrennial Homeland Security Review (QHSR), which recognizes that DHS missions are “enterprise-wide and not limited to the Department of Homeland Security,” provided affirmation of OMB’s declaration. In 2010, DHS and DoD signed a landmark memorandum of agreement to protect against threats to critical civilian and military computer systems and networks. The DoD acknowledgement of DHS’s centrality in cybersecurity issues made a statement that the services would agree to DHS leadership and cooperate in spite of potential opposition from some in the intelligence community. In October 2012, President Obama issued Executive Order 13618 (and later Executive Order 13636), corresponding to Presidential Policy Directive-21 (PPD-21), which further provides an approach to developing standards and enhancing information sharing with critical infrastructure owners and operators. To better protect the federal cyber space, DHS deployed an automated cyber surveillance system called EINSTEIN 2 that monitors federal Internet traffic for malicious intrusions and provides near real-time identification of malicious activity. Interagency committees are also being established to coordinate detection and protection efforts to federal infrastructure across more than 15 agencies. In May 2017, President Trump issued an executive order on “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” According to DHS, the executive order builds on DHS’s legal authorities, directing the department to assess and report on a number of key actions in order to secure federal networks. While each department or agency is responsible for the cybersecurity of its networks, DHS leads these efforts and ensures a baseline level of security across the civilian executive branch. A report in response to the executive order listed five complementary goals that would improve the resilience of the ecosystem:
131  Identify a clear pathway toward an adaptable, sustainable, and secure technology marketplace  Promote innovation in the infrastructure for dynamic adaptation to evolving threats  Promote innovation at the edge of the network to prevent, detect, and mitigate bad behavior  Build coalitions between the security, infrastructure, and operational technology communities domestically and around the world  Increase awareness and education across the ecosystem The underlying theme of the most recent proclamations is that they encourage private/public sector collaboration and are voluntary in nature. Over a dozen legislative proposals are now being considered in Congress to delineate regulatory impact and liabilities under such collaboration. It is unclear when, or whether, such legislation will actually be enacted. In the meantime, existing presidential and OMB directives create the operating framework, and the private sector is being relied upon more as a strategic partner. DHS has come a long way since 2002 and has elevated its technological and organizational capabilities in confronting security and terrorist threats. There has been great progress since the creation of DHS in many critical areas. This includes better security methods, detection technologies, and intelligence sharing in transportation security, particularly in aviation. Better training, inter-jurisdictional coordination and secure & interoperable communications for first responders. New predictive analytics and technologies to combat pandemics and biological, chemical, and explosive threats. And creation of enterprise cybersecurity monitoring, threat awareness and detection, and private/public partnering to protect critical infrastructures. No longer on the back burner, cybersecurity is a major challenge to the nation’s economic and security welfare. It will require continued dedication, public/private sector cooperation and leadership for DHS to continually fulfill its growing leadership role.
132 Visiting Editor Chuck Brooks Chuck Brooks is the Principal Market Growth Strategist -- Cybersecurity and Emerging Technologies for General Dynamics Mission Systems. He is also an Adjunct Professor at Georgetown University in the Graduate Applied Intelligence Program teaching Risk Management. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn” out of their 500 million members. He has published more than 150 articles and blogs on cybersecurity and technology issues. In both 2017 and 2016, he was named “Cybersecurity Marketer of the Year by the Cybersecurity Excellence Awards. Chuck’s professional industry affiliations include being the Chairman of CompTIA’s New and Emerging Technology Committee, and as a member of The AFCEA Cybersecurity Committee. In government, Chuck has served at The Department of Homeland Security (DHS) as the first Legislative Director of The Science & Technology Directorate at the Department of Homeland Security. He served as a top Advisor to the late Senator Arlen Specter on Capitol Hill covering security and technology issues on Capitol Hill. In academia,
133 Chuck is an Adjunct Faculty member at Georgetown University in their Applied Intelligence Program was an Adjunct Faculty Member at Johns Hopkins University where he taught a graduate course on homeland security for two years. He has an MA in International relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law. Chuck Brooks LinkedIn Profile: https://www.linkedin.com/in/chuckbrooks/ Chuck Brooks on Twitter:@ChuckDBrooks ---------------------------------------------------------------------------------------------------------- Chuck Brooks wins Marketer of the Year at Cybersecurity Excellence Awards Thu, 2017-02-09 01:49 PM
134 Chuck Brooks, Vice President at Sutherland Government Solutions, and Chairman of The New Emerging Technologies Committee for CompTIA, was named winner of Cybersecurity Marketer of The Year at the 2017 Cybersecurity Excellence Awards. The 2017 Cybersecurity Excellence Awards recognize companies, products and individuals that demonstrate excellence, innovation and leadership in information security. The finalists and winners were selected based on the strength of their nomination and the popular vote by members of the Information Security Community (both ratings and comments). “Congratulations to Chuck Brooks for winning the Cybersecurity Marketer of the Year category in the 2017 Cybersecurity Excellence Awards,” said Holger Schulze, founder of the 350,000 member Information Security Community on LinkedIn which organizes the awards program. “With over 450 entries, the 2017 awards are highly competitive. All winners and finalists reflect the very best in leadership, excellence and innovation in today's cybersecurity industry.” Chuck's thought leadership writings on cybersecurity have helped shape the public policy debate as he is respected in industr y, in the Federal Government, academia, and on Capitol Hill. He has been a force in discussing, a dvocating, promoting cybersecurity issues across digital media, at events, in professional forums, and with a variety of public policy organizations. He has been a leading evangelist for cybersecurity, homeland security, and emerging technologies in both the public and private sectors. He was selected by LinkedIn as “One of the Top 5 Tech People to Follow On LinkedIn” by LinkedIn. He has been a featu red speaker at numerous events and conferences. He recently presented at a workshop sponsored by The National Academies of Sciences, Engineering, and Medicine and the Federal Bureau of Investigation on Securing Life Sciences Data. He recently spoke at George Washington University event about the Cyber Threat Spectrum, will be participating soon at USTRANSCOM Seni or Leader Cyber Security Roundtable. Chuck has authored numerous articles focusing on cybersecurity, homeland security and technology innovation for many publications including Forbes, Huffington Post, The Hill, Federal Times, IT Security Planet, Bizcataly st 360, Next Gov, Alien Vault, Gov Tech, MIT Sloan Blog, Government Security News, and Brink. Chuck is a pioneer in social media with over 32,000 followers on LinkedIn and a global following and has brought significant attention to cyber issues from his fr equent posts and commentaries. He has been involved as a judge for the past four years as a Judge for Government Security News’ Annual Homeland Security Awards . As a senior executive in government relations, marketing, and management, Chuck brings a unique experience from service in the public sector, academia, and industry. He serves on a variety of boards, many of them philanthropic. He brings a substantive Brooks
135 knowledge on a broad range of cyber issues and a special subject matter expertise of cybersecurity and homeland security in government that have benefited both the not-for-profit, public, and commercial sectors. Chuck is one of the original “plank holders” at the Department of Homeland Security (DHS). Admiral Jay Cohen, former Under Secretary for Science & Technology at DHS stated “Chuck Brooks. as Director of Legislative Affairs at DHS, was INVALUABLE to me, the DHS S&T Directorate, DHS, the Nation AND Congress in making the "reformation" of DHS S&T a complete success. His Hill/DC acumen, insight, reliability, ability to develop highly effective congressional interaction/communications is WITHOUT PEER in my nearly 16 years dealing with senior executive branch officials, industry, academia and the Congress.” Dexter Ingram, Senior Advisor to Interpol, said the following about Chuck “he is a consummate professional who has a deep understanding of the issues, process, and people involved in the world of homeland security and Law enforcement. His breadth of experience derived from working on The Hill, in government, in academia, in industry, and with the media make him truly unique.” Chuck worked for many years on Capitol Hill for the late Senator Arlen Specter and covered national security, foreign affairs , and technology issues. He also was a member of the Adjunct Faculty at John Hopkins University where taught homeland security for two years. He has advised a multitude of organizations including the Bill & Melinda Gates Foundation, The Cyber Resilience Institute, and the Center for Advancing Innovation. He also serves as Chairman of CompTIA’s New and Emerging Technologies Committee, and is a member of the AFCEA Cybersecurity Committee. He is on the Board of Advisors for CyberTech, and on the Board of Directors at Bravatek, and the Cyber Resilience Institute. He is an advisor to R & D cybersecurity company Inzero Systems. He is a subject Matter Expert to The Homeland Defense and Security Information Analysis Center (HDIAC), a Department of Defense (DoD) sponsored organization through the Defense Technical Information Center (DTIC. Chuck also serves as a Christian Science Monitor “Passcode Influencers Panel member” on Information Security. He has a BA from DePauw University and an MA from the University of Chicago. -----------------------------------------------------------------------------  Christian Science Monitor’s Passcode Influencers gathered from 120 experts from across government,the private sector, research, and the privacy advocacy community
136 Navigating the four pillars of Washington By Chuck Brooks, contributor Washington is an eclectic city. It is a metropolis that is thriving economically and socially. Its architectural design is modeled after Paris and it is certainly a city of cultural diversity and historically interesting neighborhoods. Visually, the site of the monuments reflecting against the panoramic backdrop of the Potomac River is memorable for both visitors and native Washingtonians alike. It is really a city like no other city in America. Although it may be geographically small, Washington serves as the engine of government, an anchor of global financial policy and representation, a seat of institutionalized policymaking organizations, and as a growing center for business, especially in high tech. When I first came to Washington, I was overwhelmed by the intensity of life "inside the Beltway." I was enamored with all it had to offer ("Potomac Fever") but uncertain how to navigate it and decipher how things worked. Looking back, I would like to offer structure and pathways for others contemplating a public service career or seeking to accomplish tangible objectives for policy and/or business purposes in the nation's capital. There are four pillars that comprise the foundation of the operational world of Washington: government (executive, judicial and legislative branches); commercial (business, including global financial institutions; policy: (academia, think tanks and associations/organizations); and media (old and new).
137 These pillars function both individually and collectively. They are intertwined and to be effective, it is essential to understand their roles and impact on what you hope to accomplish. Understanding and gaining experience within these pillars that comprise the operational system of Washington takes focus and time. Success can be realized by navigating the pillars and establishing a strategy of strategic relationship building and connecting. Government: There has never been any doubt that government and politics make Washington tick. Government is not only the basis for tens of thousands of jobs in the area, but it also serves as the fulcrum for evolving and communicating domestic and international policies. Government is the center for laws and executive orders overseeing all aspects of our daily life and our professions. The Pentagon, intelligence agencies, and Department of Homeland Security are all based in Washington because it is the epicenter of power and decision-making. Government in Washington is by design structured as a system of check and balances. An understanding of how the various branches of government function is essential to influencing any regulatory outcome whether it be energy, healthcare or a national security issue. Working on Capitol Hill is invaluable experience and connects to all the pillars and is a special pedigree for mobility in one's career. Commercial: Although it is not a financial center like New York, Washington has been transforming over the years as a commercial hub. The World Bank, Federal Reserve, International Financial Corporation and the Chamber of Commerce are some of the organizations headquartered in the city. Many corporations have also relocated to the area to be near the action and position themselves for government and commercial opportunities. Both Virginia and Maryland have established high-tech corridors close to the city for those reasons. The international community with their embassies and trade groups increasingly see Washington as a growing center for commerce. Policy: It is not only the pillars of business and government that are cogs in the machine. Policy organizations (such as the Center for Strategic and International Studies, the Brookings Institution, the Heritage Foundation, the American Enterprise Institute and the Aspen Institute) that provide issue expertise, training and solutions are really the enabling fuel. A myriad of think tanks offer the latest insights in domestic and global events on a regular basis. Top local universities (such as Johns Hopkins's School of Advanced International Studies, George Washington, Georgetown, American, George Mason, and Maryland), also promote dialogue and informed decision-making and access. The
138 over 6,000 associations and organization with issue specific interests regularly outreach to key decision– makers who are part of the public and private sector pillars. Strategic communications and thought leadership are integral tools for persuasion. Media: The media are disseminators of information, with the duty to circumspect the activities of the other three pillars. The media's role is a fundamental one; any system of democratic government cannot operate without transparency and oversight. In Washington, most of the country's key media outlets have representation. Outside traditional old media, new media has become a force to consider. Most citizens have constant access and the metrics of public opinion are constantly pulsed. Corporate executives and government leaders use the social media, especially LinkedIn, Facebook and Twitter as part of their work environments. Government 2.0 and Business 2.0 are becoming the norms. Working in one or all of the pillars is helpful in terms of building issue expertise, contacts and gaining a holistic perspective of how Washington really works. This experience can provide the tactical knowledge to advance your marketing efforts and/or cause in the public/private world. There is no substitute for experience and for building a personal network to be empowered and effective. To be successful, you have to always keep abreast of the latest trends and be visible and helpful to your customer. In the Washington arena, you also have to develop the qualities for resilience and persistence as no one is always on the winning side of issues and contracts. Washington will always have its image challenges and be an enigma as to how it functions, especially to those who have never experienced life inside the Beltway. Exploring and experiencing the four pillars will bring an understanding of how to navigate a path to success for those who come to this amazing city to make a difference and leave a positive legacy. ---------------------------------------------------------------------------------------------------------------- Chuck Brooks on Cybersecurity: The Weakest Link Will Always Be the Human Element
139 Cybersecurity expert Chuck Brooks talks about where we stand in what many people call the "wild, wild west" of cybersecurity. http://www.govtech.com/dc/articles/Chuck-Brooks-on-Cybersecurity-The-Weakest-Link-Will-Always-Be-the- Human-Element.html BY LARRY KARISNY / MARCH 1, 20160 If you're in the cybersecurity business, you know the name Chuck Brooks. He is an advisor to the Bill and Melinda Gates Foundation Technology Partner Network,chairman of CompTIA's New and Emerging Tech Committee, subject matter expertto the Homeland Defense and Security InformationAnalysis Center, “passcode influencer” for The Christian Science Monitor, on the Board of Advisors for CyberTech, and on the Board of Directors at Bravatek and the Cyber Resilience Institute. Brooks also has authored numerous articles focusing on cybersecurity,homelandsecurity and technology innovation for such publications as Forbes, Huffington Post,InformationWeek, MIT Sloan Blog, Computerworld, Federal Times, NextGov,Government Security News, Cygnus Security Media, Homeland SecurityToday,The Hill and Government Executive. I recently got a chance to get Brooks' take on where we are today in what many people call the "wild, wild west" of cybersecurity. Here are his thoughts. Q. You wear manyhats and certainlyhave been focused on cybersecurity for some time now. So tell me, whois ChuckBrooks and whatis he trying to accomplish this space? A. You are right, over my career in government, corporate and academia,I have worn many hats. There have been some strong common threads [of] science, technology, national security,and legislative and
140 executive policy in all my various roles. Thankfully,I selected a professional vocation of government relations and marketing that encompasses all those threads. My passion for cybersecurity issues was first established over a decade ago during the time I spent at the Department of HomelandSecurity’s Science and Technology Directorate. Back then, the threats to our critical infrastructure were not as pronounced as they are today. Of course we were just beginning to experience the smartphone era. The field of cybersecurity has evolved exponentially alongwith the technologies, networks and connectivity that make up the cyberecosystem. And the ecosystem is quite diverse and expansive, comprising software,hardware, monitoring, forensics,governance andmore. All these elements make it an exciting area to explore since there is always more to learn from strategy and technology perspectives. Also, it certainly blends my common career threads. For anyone’s career focus, studying cybersecurity makes [sense] since it touches everything work- or personal-related. In both the publicand private sectors — just about every CIO survey — cybersecurity is the top concern. And of course, along with data analytics, cybersecurity is a annually a budget priority of federal spending. DHS Secretary Jeh Johnson recently described cybersecurity and counterterrorism as the two top priorities for the protecting the homeland. What I want to accomplish in this space is to continue being a subject matter expert in cybersecurity; I enjoy writing and speaking aboutthe varied aspects of the topic and especially in educating others on how it can impact their lives. My advisory and board director roles with organizations are a reflection of that interest. When I retire (which is a long way off), I hope to join academia again in a part-time role. I spent two years at Johns Hopkins University SAIS [School of Advanced International Studies] teaching graduate students homeland security and foundit very fulfilling.
141 Q. You have one of the most active groups in LinkedInunder theheadingof the Departmentof Homeland Security.How has this helped both yourself and DHS in feeling thepulse of the cybersecurity industry? A. I do operate a half dozen groups that focus on homeland security and information security on LinkedIn, including a few of the largest groups: “U.S.Department of Homeland Security, DHS” “Information Technology (Homeland& National Security)” and “Homeland Security.” In all, these groups include about 60,000people. Among the members are a host of well-known cybersecurity professionals who often post and comment on issues of the day. Also, as any news on data breaches or cyberincidents occur, they are often posted in the LinkedIn groups. Moderating these groups certainly keeps me updated and in tune with the pulse of policy. It has also served as a great networking venue to share ideas and information with some of the best security minds around in both the private and federal sectors. Many senior-level executives in the federal government are on social sites such as LinkedIn, GovLoop, Facebook and Twitter. There are an estimated 1.5 million federal government employees who regularly use LinkedIn, including over 65,000from DHS. Because of the growing need for public/private-sector collaboration and interface, being actively involved in social media makes a lot of sense. Q. What is Sutherland Government Relations and what do you do for the company? A. Sutherland Global Services is a global provider of business processing services, contact centers, IT service desks and management consultingserving government and U.S.leadingcorporations across multiple industries, including healthcare and insurance, technology, mortgage and loan services, finance and banking,retail,and travel. Sutherland has 36,000employees and annual revenues of over $1.2 billion, [and] was listed in 2015 as one of the fastest growing private companies in America byInc. I work for the recently created Sutherland Government Solutions as VP of Government Relations and Marketing, where we are at several agencies and are known for integrated services for citizen service
142 needs and digital government. Our cybersecurity operations at SutherlandGovernment Services are internal, but we do have a practice in customer relations management after a company or agency has been breached. Our cybersecurity practice is led by Glenn Schoonover who has a deep technical background.He is a former chief information security officer for the Army and was responsible for providing network security to the Department of the Army headquarters. He is also a former senior technology strategist for Worldwide National Security and Public Safety at Microsoft. Q. I see you are activein both the public and private sectors when it comes to cybersecurity. What are the similarities and differences between these two sectors? A. The biggest difference is that government is motivated by mission, and the private sector (for the most part) is driven by profit and loss. The R&D efforts, innovation sector and skilled technical expertise in the private sector has been more robust than in government. Industry is more agile and able to react to threat trends. On the federal side, the landscape has really changedover the past few years. [The U.S. Departmentof Defense], of course, has had the cybersecurity war-fightingmission and continues to build upon new requirements for operations and for systems. On the civilian side, DHS takes an increasingly larger role in cybersecurity. Presidential and congressional directives have mandated thatDHS play a growing and more primary role, especially with protecting critical infrastructure (transportation, health, energy, finance) that is mostly owned by the private sector. DHS has to step up its activities in assessing situational awareness, informationsharing,and resilience research and development plans with stakeholders. This has led to a trend in public-private partnering for sharingthreat information and in creating standards and protocols.In both the public and private sectors, trainingof the next- generation cybersecurity technical and policy [subjectmatter experts] is a major priority. Q. To date,thereseems to be a stand-off between Apple and the federal government when it comes to iPhone security.What are your thoughts on this,and can this bring aboutsome lessons learned for the cybersecurity industry?
143 A. This is the topic of the day, and it is a complicated issue relating to government requesting a corporation to provide software to allow access to data. My thoughts may be a bit different from some of the others in the industry. While I recognize the importance of privacy and the dire risk of an Orwellian surveillance state,I consider protecting innocentlives as a mitigating circumstance. What if that data that the FBI is seeking on the terrorist's encrypted phone uncovers a deeper terrorist network planning more horrific acts? In my opinion, this is a mitigating circumstance. What should be done is to establish protocols between industry and law enforcement to cooperate in these type of instances (with proper warrants and assurances) so that company Internet protocolcan be isolated and privacy issues for the company’s customers can be best addressed. I am quite sure Congress will be looking closely at this case to establish legislation to create a working formula.The lesson for cybersecurity is that there is a balance between privacy and security thathas to be constantly reviewed in accordance withthe threats at hand. Q. With billions of Inernet of Things devices on the near horizon and zetabytes of data projected by2020,can we secure and control our digital processes,or are we headed for a digital train wreck? A. According to Gartner, there will be nearly 26 billion networked devices on the Internet of Things (IoT) by 2020. Moreover, it will keep expanding as the cost of sensors decreases and processing power and bandwidthcontinue to increase. The fact is that most of these IT networks will have some sort of an IoT-based security breach.We could be headed for a digital trainwreck if IoT security standards are not adopted. We may have a digital train wreck even if they are adopted. Standards will have to be developed industry by industry. Protecting a network of medical devices in a hospital will require different sets of standards than protecting utilities with SCADA [supervisory control and data acquisition] systems that make up the electric grid. There are a lot of questions, including who enforces compliance? And what are the liabilities of an IoT breach? CYBERSECURITY EXPERT CHUCK
144 BROOKS' MASTER LIST OF CYBERSECURITY TECH AREAS, PRIORITIES AND EMERGING TRENDS Emerging Technology Areas: // Internet of Things // Wearables // Drones and robots // Artificial intelligence // Smart cities // Connected transportation // Quantum computing Priorities: // Protecting critical infrastructure through technologies and Public/Private cooperation // Better encryption and biometrics (quantum encryption, keyless authentication) // Automated network-security correcting systems (self-encrypting drives) // Technologies for “real-time” horizon scanning and monitoring of networks // Diagnostics and forensics (network traffic analysis, payload analysis and endpoint behavior analysis) // Advanced defense for framework layers (network, payload, endpoint, firewalls and antivirus)
145 The real danger is that the Internet was not built for security at its inception; it was built for connectivity. There is some truth to the notion that your network may someday be betrayed by your toaster or refrigerator. One thing is for sure: the Internet of Things will pose many challenges to cybersecurity and data analytics, muchof which we have yet to contemplate. Q. You've had theopportunity to review many cyberdefense technologies. Are we really finding new solutions that can handle this explosion of digital processes,or are we still playing the game of catch-up and patch-and- pray cybersecurity? A. New solutions are continually evolving with threats, but there will always be a need for better encryption, biometrics, analytics and automated network security to protect networks and endpoints. It is a perpetual game of cat and mouse between hackers and protectors, and there is really no such thing as being invulnerable. In a sense, we are continually playing catch-up andreactingto the last incident with patches. The weakest link will always be the human element. However, there are many new interesting technologies that could significantly impact cybersecurity in the near future. There are technologies and algorithms coming out of the national labs, government,and from private-sector R&D and startups thathave the potential to be disruptive. // Mobility and BYOD security // Big data // Predictive analytics // Interoperability Trends: // Informed risk management // Emergence of public/private sector partnerships // More information sharing and collaboration between the public and private sectors // Shared R & D spending // Increased spending for cloud computing // Consolidation of data centers // Expansion of hiring and training of cybersecurity workforce // Tech foraging
146 Q. Any final comments? And are there any speakingengagements or events you are participating in that you would like to announce? Could you also offer a good source for information on the subject of cybersecuritythat you would suggest for our readers? A. Please check my regular posts in the media and social media, join my LinkedIn groups and follow me on Twitter @ChuckDBrooks.I do have some future blogs with the National Cybersecurity Institute on my agenda. Also, in addition to social media, whichI highly recommend, there are many excellent outlets for cybersecurity information including the HomelandDefense and Security Information Analysis Center. A great site that aggregatedcybersecurity news daily is The CyberWire. Larry Karisny is the directorof Project Safety.org, an advisor, consultant, speaker and writersupporting advanced cybersecurity technologies in both the public and privatesectors.

More Related Content

DOC
Cybersecurity and Emerging tech; recent published articles, speeches, and act...
byChuck Brooks
 
PDF
CII Whitepaper India Cyber Risk & Resilience Review 2018
byConfederation of Indian Industry
 
PPTX
IoT and Covid 19
byAhmed Banafa
 
PPTX
Blockchain Technology and COVID19
byAhmed Banafa
 
PPTX
How Can Policymakers and Regulators Better Engage the Internet of Things?
byMercatus Center
 
PDF
HIMSS Response to DHS National Cyber Incident Response Plan
byDavid Sweigert
 
PDF
Interner of Things Iinsurance gateway
byΔρ. Γιώργος K. Κασάπης
 
PDF
Proof of immunity and the demise of privacy 2020 world in 2030
byFuture Agenda
 
Cybersecurity and Emerging tech; recent published articles, speeches, and act...
byChuck Brooks
 
CII Whitepaper India Cyber Risk & Resilience Review 2018
byConfederation of Indian Industry
 
IoT and Covid 19
byAhmed Banafa
 
Blockchain Technology and COVID19
byAhmed Banafa
 
How Can Policymakers and Regulators Better Engage the Internet of Things?
byMercatus Center
 
HIMSS Response to DHS National Cyber Incident Response Plan
byDavid Sweigert
 
Interner of Things Iinsurance gateway
byΔρ. Γιώργος K. Κασάπης
 
Proof of immunity and the demise of privacy 2020 world in 2030
byFuture Agenda
 

What's hot

PDF
Privacy in the Age of Big Data: Exploring the Role of Modern Identity Managem...
byArab Federation for Digital Economy
 
PPTX
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...
byAdam Thierer
 
PDF
The Digital Universe in 2020 - United States
byEMC
 
PDF
Is Your Organization in Crisis?
byBlackBerry
 
PPT
Improve Public Safety
byestotts75
 
PPTX
Internet of Things (IOT) - The Tipping Point
byDr. Mazlan Abbas
 
PPTX
Blockchain technology and supply chain management
byAhmed Banafa
 
DOCX
Chuck Brooks Profile: on Homeland Security, Cybersecurity, Emerging Technolog...
byChuck Brooks
 
PDF
Io t whitepaper_5_15_17
byAravindharamanan S
 
PPTX
Citizen centric digital and mobile-identity, personal data ecosystems and the...
byDr Rachel O'Connell
 
PDF
Commercial Real Estate - Cyber Risk 2020
byCBIZ, Inc.
 
PDF
The Challenge - and Opportunity - of 'Big Data'
bySerge Milman
 
PDF
2022 Cybersecurity Predictions
byMatthew Rosenquist
 
PDF
PulseSecure_Report_HybridIT_120715
byJim Romeo
 
PDF
The Essential Ingredient for Today's Enterprise
byReadWrite
 
PPTX
Future internet and agri at SRII Japan
byKrijn Poppe
 
PPTX
“Permissionless Innovation” & the Clash of Visions over Emerging Technologies
byAdam Thierer
 
PDF
How the Internet of Things Leads to Better, Faster Crisis Communication
byBlackBerry
 
PDF
50+ facts about State of CyberSecurity in 2015
byMarcos Ortiz Valmaseda
 
PDF
Security for Smartgrid
byGruene-it.org
 
Privacy in the Age of Big Data: Exploring the Role of Modern Identity Managem...
byArab Federation for Digital Economy
 
Internet of Things & Wearable Technology: Unlocking the Next Wave of Data-Dri...
byAdam Thierer
 
The Digital Universe in 2020 - United States
byEMC
 
Is Your Organization in Crisis?
byBlackBerry
 
Improve Public Safety
byestotts75
 
Internet of Things (IOT) - The Tipping Point
byDr. Mazlan Abbas
 
Blockchain technology and supply chain management
byAhmed Banafa
 
Chuck Brooks Profile: on Homeland Security, Cybersecurity, Emerging Technolog...
byChuck Brooks
 
Io t whitepaper_5_15_17
byAravindharamanan S
 
Citizen centric digital and mobile-identity, personal data ecosystems and the...
byDr Rachel O'Connell
 
Commercial Real Estate - Cyber Risk 2020
byCBIZ, Inc.
 
The Challenge - and Opportunity - of 'Big Data'
bySerge Milman
 
2022 Cybersecurity Predictions
byMatthew Rosenquist
 
PulseSecure_Report_HybridIT_120715
byJim Romeo
 
The Essential Ingredient for Today's Enterprise
byReadWrite
 
Future internet and agri at SRII Japan
byKrijn Poppe
 
“Permissionless Innovation” & the Clash of Visions over Emerging Technologies
byAdam Thierer
 
How the Internet of Things Leads to Better, Faster Crisis Communication
byBlackBerry
 
50+ facts about State of CyberSecurity in 2015
byMarcos Ortiz Valmaseda
 
Security for Smartgrid
byGruene-it.org
 

Similar to Cybersecurity, Emerging Technologies, and Homeland Security - Chuck Brooks

PDF
Security & Privacy Considerations for Advancing Technology
byJohn D. Johnson
 
PDF
Internet of things, New Challenges in Cyber Crime
byMurray Security Services
 
PDF
Internet of Things (IoT) - Hafedh Alyahmadi - May 29, 2015.pdf
byImXaib
 
PDF
George konstantakis iot and product design
by360mnbsu
 
PPTX
Applications of Iot.pptx
byDhruv Kamal
 
PDF
Cyber Security in Manufacturing
byCentraComm
 
PPTX
All The Things: Security, Privacy & Safety in a World of Connected Devices
byJohn D. Johnson
 
PDF
4.Jan Holler, Vlasios Tsiatsis, Catherine Mulligan, Stefan Avesand, Stamatis ...
byhuong Tran thu
 
PPTX
IOT – Internet of things.pptx (A Brief Introduction)
bylakshikaworks23
 
PPTX
IOT – Internet of things.pptx A Brief Introduction
bylakshikaworks23
 
PPTX
IoT and the industrial Internet of Things - june 20 2019
byJohn D. Johnson
 
PPTX
IoT
byMphasis
 
PPTX
Internet of things: Transforming our world
byRanjeet35
 
PPTX
Presentation Week 2-4_Introduction to Information Systems and Security Final....
byraulacapulco2
 
PPTX
IOTCYBER
byChuck Brooks
 
PPTX
CRMEVOLUTION
byChuck Brooks
 
PPTX
Future of Internet.pptx
byDeepakPrajapati257843
 
PDF
Dissection of the Internet of Things (IoT) Industry.pdf
bytheindustryviewmagaz
 
PPTX
Case study.pptx
byictctti
 
PDF
The Internet of Things: An Overview (IoT) ISOC SFO Chapter INET
byKaren Rose
 
Security & Privacy Considerations for Advancing Technology
byJohn D. Johnson
 
Internet of things, New Challenges in Cyber Crime
byMurray Security Services
 
Internet of Things (IoT) - Hafedh Alyahmadi - May 29, 2015.pdf
byImXaib
 
George konstantakis iot and product design
by360mnbsu
 
Applications of Iot.pptx
byDhruv Kamal
 
Cyber Security in Manufacturing
byCentraComm
 
All The Things: Security, Privacy & Safety in a World of Connected Devices
byJohn D. Johnson
 
4.Jan Holler, Vlasios Tsiatsis, Catherine Mulligan, Stefan Avesand, Stamatis ...
byhuong Tran thu
 
IOT – Internet of things.pptx (A Brief Introduction)
bylakshikaworks23
 
IOT – Internet of things.pptx A Brief Introduction
bylakshikaworks23
 
IoT and the industrial Internet of Things - june 20 2019
byJohn D. Johnson
 
IoT
byMphasis
 
Internet of things: Transforming our world
byRanjeet35
 
Presentation Week 2-4_Introduction to Information Systems and Security Final....
byraulacapulco2
 
IOTCYBER
byChuck Brooks
 
CRMEVOLUTION
byChuck Brooks
 
Future of Internet.pptx
byDeepakPrajapati257843
 
Dissection of the Internet of Things (IoT) Industry.pdf
bytheindustryviewmagaz
 
Case study.pptx
byictctti
 
The Internet of Things: An Overview (IoT) ISOC SFO Chapter INET
byKaren Rose
 

More from Chuck Brooks

DOCX
Gsn 2014 digital yearbook of homeland security awards
byChuck Brooks
 
DOC
Cybersecurity, Emerging Technologies, and Homeland Security - Chuck Brooks
byChuck Brooks
 
DOC
Collected 2018 writings, speeches,activities in Cybersecurity, Risk Managemen...
byChuck Brooks
 
PPTX
Virtual government engagement technologies
byChuck Brooks
 
DOCX
Featured speaker
byChuck Brooks
 
PDF
GSN announcement
byChuck Brooks
 
Gsn 2014 digital yearbook of homeland security awards
byChuck Brooks
 
Cybersecurity, Emerging Technologies, and Homeland Security - Chuck Brooks
byChuck Brooks
 
Collected 2018 writings, speeches,activities in Cybersecurity, Risk Managemen...
byChuck Brooks
 
Virtual government engagement technologies
byChuck Brooks
 
Featured speaker
byChuck Brooks
 
GSN announcement
byChuck Brooks
 

Recently uploaded

PDF
IAI-Unit1-notes useful.............................
bydinesh620610
 
PPTX
Corporate AI Training to AI Enable a Company Workforce
byStélio Inácio
 
PPTX
Information about Trusted Platform Module(TPM)
bynewtoknowtechs
 
PDF
Techbrains Baku 2025 by GoUP - all speaker session
byHusseinMalikMammadli
 
PDF
Industrial RFID Landscape for 2025 - Readers, Tags, Antennas, Printers, etc
byRich Rogers
 
PDF
Top 10 API Automation Testing Tools: Features, Pros & Cons
byhenrycavill30521
 
PPTX
Why 2026 Could Be a Turning Point for Decentralized Exchanges.pptx
bycalliemorgan193
 
PPTX
AI Bot Traffic Surge: Retail Fraud Threat for Age-Restricted Websites
byFTx Identity
 
PDF
Regenerative Agriculture Finance : Environmental impact
byrose mason
 
PDF
Artificial Intelligence and Barbarism - Conceptual Map
byalfadix
 
PPTX
UNIT III TYPOLOGY OF CRIME AND CRIMINAL BEHAVIOUR (1).pptx
bybloodyhumanoid
 
PDF
Benefits of Using the IAC 500 Sensor for Ambient Conditions
byCS Instruments
 
PDF
IAC 500 Sensor - Humidity Measurement Device
byCS Instruments
 
PDF
A Brief Introduction About Christopher Elwell Woburn
byChristopher Elwell Woburn
 
PPTX
Document Reconstruction using AI & Deep Learning
bysonjuktaweb
 
PDF
Top Benefits of Using KVM VPS Hosting for Growing Businesses
byEthernet Servers
 
PDF
Video Infrastructure_ Streaming Architecture and Delivery Systems.pdf
byTenbyte Limited
 
PPTX
Salesforce Spring 26 Release Key .pptx
byMehediHasan939830
 
PPTX
Cesium formate brine - A brief history - prepared by John Downs in May 2011
byJohn Downs
 
PDF
Small Business Automation: A Comprehensive Cost and ROI Guide
byAmelia Swank
 
IAI-Unit1-notes useful.............................
bydinesh620610
 
Corporate AI Training to AI Enable a Company Workforce
byStélio Inácio
 
Information about Trusted Platform Module(TPM)
bynewtoknowtechs
 
Techbrains Baku 2025 by GoUP - all speaker session
byHusseinMalikMammadli
 
Industrial RFID Landscape for 2025 - Readers, Tags, Antennas, Printers, etc
byRich Rogers
 
Top 10 API Automation Testing Tools: Features, Pros & Cons
byhenrycavill30521
 
Why 2026 Could Be a Turning Point for Decentralized Exchanges.pptx
bycalliemorgan193
 
AI Bot Traffic Surge: Retail Fraud Threat for Age-Restricted Websites
byFTx Identity
 
Regenerative Agriculture Finance : Environmental impact
byrose mason
 
Artificial Intelligence and Barbarism - Conceptual Map
byalfadix
 
UNIT III TYPOLOGY OF CRIME AND CRIMINAL BEHAVIOUR (1).pptx
bybloodyhumanoid
 
Benefits of Using the IAC 500 Sensor for Ambient Conditions
byCS Instruments
 
IAC 500 Sensor - Humidity Measurement Device
byCS Instruments
 
A Brief Introduction About Christopher Elwell Woburn
byChristopher Elwell Woburn
 
Document Reconstruction using AI & Deep Learning
bysonjuktaweb
 
Top Benefits of Using KVM VPS Hosting for Growing Businesses
byEthernet Servers
 
Video Infrastructure_ Streaming Architecture and Delivery Systems.pdf
byTenbyte Limited
 
Salesforce Spring 26 Release Key .pptx
byMehediHasan939830
 
Cesium formate brine - A brief history - prepared by John Downs in May 2011
byJohn Downs
 
Small Business Automation: A Comprehensive Cost and ROI Guide
byAmelia Swank
 

Cybersecurity, Emerging Technologies, and Homeland Security - Chuck Brooks

  • 1.
    1 Cybersecurity, Emerging TechnologiesRisk Management, and Homeland Security: Published Writings, Speeches, and Activities by Chuck Brooks Chuck Brooks LinkedIn Profile: https://www.linkedin.com/in/chuckbrooks/ Twitter Profile: @ChuckDBrooks
  • 2.
    2 Chuck Brooks isa Technology Evangelist, Cybersecurity Growth Strategist, Brand Ambassador, Influencer, Corporate Executive, Speaker, Writer, Government Relations, Business Development, and Marketing Executive. He is also a Subject Matter Expert, Advisor, and Thought Leader in the areas of: Emerging Technologies, Homeland Security, Risk Management, Internet of Things, Cybersecurity & Homeland Security, Cloud, Smart Cities, Business Process Outsourcing, Design Thinking,
  • 3.
    3 Digitization, Digital Media,Artificial Intelligence, Quantum Computing, Big Data, Digital Transformation
  • 4.
  • 5.
    5 Career Summary Highlights: Named Top Person To Follow on Tech by LinkedIn  Named “top U.S. 50 social influencers in risk, compliance and RegTech in the United States” by Thomson Reuters  Published over 200 articles on technology and cybersecurity topics (featured FORBES Contributor, Washington Post Cybersecurity Advisory Panelist, and Visiting Editor Homeland Security Today)  Named “#2 Global Influencer in Cybersecurity” by a distinguished panel of 30 judges by IFSEC) and “Top 20 To Follow on Cybersecurity” by author/expert Scott Schober. Named Top Global Thought Leaders to Follow on IoT by Thinkers360. Mentor TechStars Accelerator. Cyber Startup Observatory Hall of Fame. EC-Council Global Advisory Board member for Threat Management. Named by Peerlyst as one of top 52 experts to follow on cbersecurity  Current Adjunct Faculty at Georgetown University in Graduate Applied Intelligence and Cybersecurity Programs and former Adjunct Faculty Johns Hopkins University
  • 6.
    6  Received PresidentialAppointments for Executive Service by two Presidents of the United States.  Helped "stand up" Office of Legislative Affairs at the US Department of Homeland Security.  Served as first Director of Legislative Affairs at the DHS Science & Technology Directorate  Served as Senior Legislative Staff (foreign affairs, security, tech, business) to Senator Arlen Specter, U.S. Senate  Former Technology Partner Advisor at Bill and Melinda Gates Foundation  5 Time Judge; Government Security News Homeland Security Awards  Named Cybersecurity Marketer of the Year- 2017, 2016  Served in Corporate Executive in Government Relations, Marketing, and Business Development
  • 7.
  • 8.
  • 9.
  • 10.
    10 Discovering Applications andPotential ofThe Internet ofThings by Chuck Brooks We have entered a new era of scientific breakthroughs and technological applications that will change life as we know it. Accelerated technological development is transforming our civilization. The pace of innovation is growing so rapidly that it is becoming exponential as each year passes. Futurist Dr. Michio Kaku characterizes this blazing technological shift as moving from the “age of discovery” to the “age of mastery.” This next decade beckons many new technological discoveries and applications. This includes genetic engineering and regeneration of body parts, new cures for diseases, artificialintelligence, augmented reality, nano-technologies, robotics, ultra-high speed trains and self-driving cars, renewable energies, sustainable agriculture, big data, 3-D Printing, digital security, quantum computing, mobility, and paper thin flexible personal computers. If you read the MIT Technology Review on a weekly basis, you will be provide continual insights into the trends of disruptive transformation. It also important to know some key stats and terms … and implications of the Internet of Things (IoT): Some Key IoT; Definitions/Stats:  IoT refers to the general idea of things that are readable, recognizable, locatable, addressable, and/or controllable via the Internet.
  • 11.
    11  Physicalobjects communicatingwith each other.  People, data, things (machine to machine, machine to people) .  According to Gartner there will be nearly 26 billion networked devices on the Internet of Things by 2020.  Cisco estimates that IoT will be valued at $4.6 Trillion for the Public Sector in the next ten years  604 million users of wearable biometrics in 2019 according to Goode Intelligence Aspects ofThe Internet ofThings IoT Key Components of IoT: Big Data (and data mining), Sensors (RFID, chips, transistors, Analytics (predictive). IoT Product and Service Applications: Improving government services. Better efficiencies and performance via BPO. Smart solutions under budget constraints. scalability; BPO can more rapidly adapt and manage customer service for the exponential growth and magnitude of IoT, risk mitigation. Management/integration. Compliance. Data integrity. Consumer facing digital government and responding to public need. IoT Areas of focus: facilities & infrastructure management, industrial applications, energy (smart grid) , medical & healthcare, transportation, building/construction (smart buildings), environment (waste management), water resources, retailand supply chain, communications, and education (learning analytics). IoT Technology Trends: automation, robotics, enabling nanotechnologies, self-assembling materials, artificial intelligence (human/computer interface), 3D Printing Photovoltaics and printed electronics), wearables (flexible electronics) real-time analytics and predictive analytics, super-computing (faster and more connectivity), increased storage and data memory power, wireless networks, secure cloud computing, virtualization. IoT Policy Issues: ethics, interoperability protocols, cybersecurity, privacy/ surveillance, complex autonomous systems, best commercial practices. IoT Benefits: logistics and situational awareness by monitoring data, i.e. traffic jams, parking management, and distributed traffic control. Energy use (utilities). Productivity; manufacturing, logistics, telework. Healthcare; connected devices (wearables) patient monitoring vital body signs with remote monitoring capabilities. Emergency management; i.e. weather incidents, crow control. Security: cameras, sensors, forensics. IoT Areas ofImpact:
  • 12.
    12 Health & Medicine Health- Implantable devices, bionic eyes, DNA nanomedicines  Genomic techniques – gene therapy (Gene therapy to enhance strength, endurance and lifespan Gene therapy to enhance human intelligence)  Remote sensing tech  Medicine for longevity, enhancement  Real-time biomarker tracking and monitoring  Artificially grown organs Human regeneration (regrow lost limbs in months)  Life expectancy doubles  Human cells interfaced with nanotech MNT repair of physical trauma, almost no deaths once injured and then get MNT treatment (EMT or hospital) MNT repair of cellular damage MNT able to replace various organs MNT able to enhance body functions, Cybernetics  Exoskeletons for mobility Transportation:  Sustainability of infrastructure  Converged transportation ecosystems and monitoring  Autonomous and connected cars  Predictive analytics(parking, traffic patterns) Energy:  Solar power  Waste to biofuels  Protecting the Grid  Batteries (long lasting) Law Enforcement and Public Safety:  Surveillance (chemicaland bio sensors, cameras, drones)
  • 13.
    13  Forensics  Interoperablecommunications  Security screening by bio-signature: Every aspect of your physiology can be used as a bio-signature. Measure unique heart/pulse rates, electrocardiogram sensor, blood oximetry, skin temperature Finance:  Mobile payments  Mobile banking  Identity management  Biometric Security: access controlfacialrecognition, voice recognition, iris and retina scanners, fingerprint sensors on tablets and smartphones – pass keys Agriculture:  Aqua farming  Water purification  New food manufacturing and production tech  Food security As tech and connectivity continues to evolve and expand, the many potentials of The Internet of Things will also grow. There is much we will soon discover. This article was written by Chuck Brooks. He is the Principal Market Growth Strategist for General Dynamics Mission Systems for Cybersecurity Systems. He is also Adjunct Faculty in the graduate Applied Intelligence Program and Graduate Cybersecurity Program at Georgetown University.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
    20 MEDIA:THOUGHT LEADER, INFLUENCER,TECHNOLOGY EVANGELIST: FeaturedWriter/Speaker/Blogger:expertise areas:homelandsecurity, cyber security, defense, CBRNE, AI, science &technology, public/privatepartnerships, IoT, innovation. Publishedin FORBES, HuffingtonPost, InformationWeek, MITSloanBlog, Computerworld, Federal Times, NextGov, Government Security News, Cygnus Security Media, HomelandSecurity Today (Visiting Editor), The Hill, Biometric Update, Bizcatalyst360, ITSecurity Planet, ChristianScienceMonitor SOCIAL MEDIA EXPERTISE: 56,000 plus LinkedInfollowers, 5,000Facebook, 11,000 Twitter followers. Co-leader of twotopHomeland Security Groups onLinkedIn. Run15 other business, techLI groups
  • 21.
  • 22.
  • 23.
    23 Chuck Brooks hasbeen recognized by leading media and security organizations for his insights and contributions in cybersecurity. He was named as the “#2 Global Influencer inCybersecurity”by a distinguishedpanel of 30 judges by IFSEC. A total of 20 cybersecurity global thought leaderswere selectedtobe included in the list. The judging panel includedCISOs from Fortune 50 and topsecurity leaders from organizations andmedia. IFSEC Global, launchedin the UK in 1972, is aworld renownedleading provider of news, features, videos andwhite papers for the security andfire industry. “Influence’ was definedby the award in the following ways:  Someone who has played a key role in driving technological innovation  Someone who has beena driving force inchanging regulation, standards/guidance or best practice  Someone whose insights/opinions are widely respectedandwhich are influential in shaping debate around industry issues  Someone who has beeninstrumental inthe success of the organization or business they leador are employedby  Someone who has helpedto raise the industry’s profileor beenan influential voice in the national media  IFSEC Global influencers 2018:Cybersecurity https://www.ifsecglobal.com/ifsec-global- influencers-2018-cybersecurity/
  • 24.
    24  Chuck wasalsoselectedby Cyber StartupObservatory as “ Cybersecurity Leader of The Week” The purpose of the Cybersecurity StartupObservatory is tocollaborate tobuildasafer financial industry and to helpsolve important problems leveraging cybersecurity innovation.Youcan visit an interesting #interviewcovering Chuck's thoughts andforward- thinking views on: https://cyberstartupobservatory.com/cyber-startup-observatory-chuck-brooks- cybersecurity-leader-of-the-week/  He was also includedwithsome of the world’s most respectedcybersecurity experts and thought leaders inbest-selling author andinformationsecurity leader Scott Schober’s blog: “20 Cybersecurity ExpertsWorthFollowing.”Please check out articlebelow https://scottschober.com/20-cybersecurity-experts-worth-following/  Chuck alsoreceivedrecent other accoladesfromThe WashingtonPost who named Chuck to be part of “The Network”Cybersecurity 202. “The Network,”is acuratedpanel of high level cyber experts, including topleadersinthe public and private sectors, security researchers, andacademics, who will weighinon topissues of the moment. AndHomeland Security Today named Chuck as a Visiting Editor. He alsoserving as the Executive Editor of a Newsweek MediaGroupVantage publicationexploring the impact of artificial intelligence on cybersecurity
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
    29 Chuck Brooks BIO Chuckfull time role is the Principal Market GrowthStrategistfor General Dynamics Mission Systems for Cybersecurity andEmerging Technologies. LinkedInnamedChuck as one of “The Top 5 TechPeople to Followon LinkedIn”out of their 550 millionmembers. He is alsoan advisor to LinkedInon cybersecurity andemerging technology issues. Inboth2017 and 2016, he was named “Cybersecurity Marketer of the Year by the Cybersecurity Excellence Awards. He is also a Cybersecurity Expert for “The Network”at the WashingtonPost, Visiting Editor at Homeland Security Today, and Contributor toFORBES Chuck’s professional industry affiliations include being the Chairmanof CompTIA’s Newand Emerging Technology Committee, as a member of The AFCEA Cybersecurity Committee, andas member of the Electrical andElectronics EngineersIEEEStandards Association(IEEE-SA) Virtual Reality andAugmentedReality Working Group. Some of Chuck’s other activities includebeing a Subject Matter Expert toThe HomelandDefense andSecurity InformationAnalysis Center (HDIAC), a Department of Defense (DoD) sponsoredorganizationthroughthe Defense Technical InformationCenter (DTIC), as a featuredpresenter at USTRANSCOMoncybersecurity threatsto transportation, as a featuredpresenter tothe FBI andthe National Academy of Sciences onLife Sciences Cybersecurity. He is anAdvisory BoardMember for The Center for Advancing Innovation, and was alsoappointed as a Technology Partner Advisor tothe Bill andMelinda Gates Foundation. He has servedas the lead Judge for the 2014,15,16,and17 Government Security News HomelandSecurity News Awards evaluating topsecurity technologies. In government, Chuck has receivedtwosenior Presidential appointments. Under President George W. BushChuck was appointedtoThe Department of Homeland Security (DHS) as the first
  • 30.
    30 Legislative Director ofThe Science & Technology Directorate at the Department of Homeland Security. He alsowas appointedas Special Assistant tothe Director of Voice of Americaunder President Reagan. He servedas atop Advisor tothe late Senator ArlenSpecter onCapitol Hill covering security andtechnology issuesonCapitol Hill. In local government he also workedas an Auxiliary Police officer for Arlington, Virginia. In industry, Chuck has servedinsenior executive rolesfor Xerox as Vice President &Client Executive for HomelandSecurity, for Rapiscanand Vice President of R & D, for SRA as Vice President of Government Relations, andfor Sutherlandas Vice President of Marketing and Government Relations. He was alsoVice President of Federal R & D for RapiscanSystems. In media, Chuck is the featuredHomelandSecurity contributor for Federal Times, featured cybersecurity contributor for HighPerformance Counsel oncybersecurity, andan advisor and contributor toCognitive World, aleading publicationon artificial intelligence. He has also appearedin Forbes and HuffingtonPost and has publishedmore than 150 articles andblogs on cybersecurity, homelandsecurity andtechnology issues. He has 45,000 followers onLinkedInand runs a dozenLI groups, including the two largest inhomelandsecurity. In academia, Chuck is Adjunct Faculty at GeorgetownUniversity teaching acourse inhomeland security risk management anda course in homeland security technologies. He was an Adjunct Faculty Member at Johns Hopkins University where he taught agraduate course on homeland security for twoyears. He has an MA in International relations fromthe University of Chicago, a BA in Political Science fromDePauwUniversity, andaCertificate inInternational LawfromThe Hague Academy of International Law.
  • 31.
    31 Honored to benamed as the “#2 Global Influencer in Cybersecurity” by a distinguished panel of 30 judges by IFSEC. A total of 20 cybersecurity global thought leaders were selected to be included in the list. The judging panel included CISOs from Fortune 50 Companies (i.e Microsoft), and top security leaders from organizations and media. IFSEC Global, launched in the UK in 1972, is a world renowned leading provider of news, features, videos and white papers for the security and fire industry. https://www.ifsecglobal.com/ifsec-global-influencers-2018-cybersecurity/
  • 32.
    32 Professor Chuck Brooksappointed Faculty by GeorgetownUniversity’s Master in Applied Intelligence Chuck Brooks, MA ’81 was recently appointed to be Adjunct Faculty at Master’s in Applied Intelligence Program at Georgetown University. Georgetown University’s Master of Professional Studies in Applied Intelligence program focuses on three key sectors, namely homeland security, law enforcement, and competitive business intelligence.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
    39 Visiting Editor Chuck Brooks ChuckBrooks is the Principal Market Grow th Strategist -- Cybersecurity and Emerging Technologies for GeneralDynamics Mission Systems. He is also an Adjunct Professor at Georgetown University in the Graduate Applied Intelligence Program teaching Risk Management. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn” out of their 500 million members.
  • 40.
  • 41.
  • 42.
  • 43.
    43 Chuck Brooks onAT&T Panel discussing innovation in cybersecurity at The 2018 Gartner Global Risk Management Summit
  • 44.
  • 45.
    45 Enjoyed speaking lastnight at Georgetown University’s “Cyber Week” event sponsored by Cyber Scoop. Innovation & Integration: An Evening with Cybersecurity Experts Hosted by: Maria F. Trujillo, Ph.D., Faculty Director for the Systems Engineering Management and Technology Management master's programs Frederic Lemieux, Ph.D., Faculty Director for the Applied Intelligence and Cybersecurity Risk Management master's programs Speakers: Dmitri Alperovitch, Co-Founder and CTO, CrowdStrike Chuck Brooks, Principal Market Growth Strategist, Cybersecurity and Emerging Technologies, General Dynamics Adam Firestone, Chief Engineering Officer, at Secure Channels, Inc., and Editor In Chief, United States Cybersecurity Magazine Melinda Rogers, Deputy CIO, Department of Justice
  • 46.
    46  WASHINGTON POSTTAPS CYBERSECURITY EXPERT CHUCK BROOKS FOR 'THE NETWORK:' https://www.depauw.edu/news-media/latest-news/details/33698/  Professor Chuck Brooks appointed by Georgetown University’s Master in Applied Intelligence http://europesecuritynews.com/8186/professor-chuck-brooks- appointed-by-georgetown-universitys-master-in-applied-intelligence/  Chuck Brooks Speaker on TIC Consortium Panel: Emerging Tech for Hybrid Warfare by The Intelligence Community, Inc. https://www.eventbrite.com/e/tic-consortium-panel-emerging-tech- for-hybrid-warfare-tickets-44375006840#
  • 47.
  • 48.
  • 49.
  • 50.
    50 It was anhonor co-presentingwith John Perren former Assistant Director of the Weapons of Mass Destruction Directorate of the FBI, and LTC Scott Appelgate, StrategicPlanner, J5, Cyber Policy Division at US Joint Chiefs Of Staff and Dr. Frederic Lemieux Professor and Program Director, at the National SecurityThreat Convergence: Violent Extremism and Cybersecurity event at George Washington University
  • 51.
    51 Article Published byLinkedIn Featuring Chuck Brooks: 5 Tech Voices You Should Be Following on LinkedIn by Meghan Brockmeyer https://business.linkedin.com/marketing-solutions/blog/marketing-for-tech-companies/2016/5-tech-voices-you-should-be-following- on-linkedin
  • 52.
    52 When you’re lookingfor inspiring and informative professional perspective online, where do you go? Are there experts that keep meaningful tabs on your industry? Or executives whose insights you turn to for fresh insights and new ideas? If so, you already recognize the huge opportunity to engage with, and learn from peers online. Chuck Brooks – Security Voice and “Government Relations and Marketing Executive, Thought Leader” Chuck’s varied security experience is evident in what he publishes. From aviation to public sector, government to science, his posts take on the multifaceted aspects of cyber security as it relates to industries/verticals, homeland issues and next-gen technology. Since he’s keen on variety, with formats ranging from expert Q&As to content roundups, to non-tech posts associated with topics/verticals he’s covered, his perspective truly stands out. Tech marketer takeaways: Chuck focuses core content on security, but isn’t afraid to include content tangentially related to core subject matter (e.g. a post focused on mastering the art of influence in Washington, D.C.) which incorporates fresh/unexpected content to help keep readers interested and foster conversation.
  • 53.
    53 Chuck Brooks Speakingat the Duty of Care Conference and at Cyber Aviation event in Washington, DC, MEDIA Activities:  Publications/Writings/Interviews: Published in Huffington Post, Forbes, LinkedIn Marketing (Featured SMEon Cybersecurity and Emerging Tech) GovernmentSecurity News (featured contributor), The Hill (featured contributor), FederalTimes (Featured Contributor on homeland security issues), Christian Science Monitor (Member of PasscodeInfluencers Panel), TheHill, GovernmentExecutive, MITSloan Blog, Homeland Security Today, Cygnus Media, BizCatalyst360 (Featured
  • 54.
    54 Contributor), NextGov, AlienVault (Featured Contributor), GovernmentTechnology, GovExec, High PerformanceCounsel(Featured Contributor), Brink Risk Management (Featured Contributor), ITSP Magazine(Featured Contributor), Security Information Watch, Advisor and Contributor to Cognitive World.
  • 55.
    55 Chuck Brooks asFeatured Speaker (partial list of events):  Dallas 2018 AT&T Business Conference (artificial intelligence and cybersecurity)  General Dynamics Mission Systems Small Business Conference -keynote speaker  2018 Electronics Components Industry Association Conference (IoT)  DC Cybersecurity Summit 2018 (ransomware)  2017 Privacy and Security Summit (incident response)  2018n Carvercon Critical Infrastructure Convention (vulnerability asssessments)  National Academy of Sciences/FBI Biosecurity Meeting 2016  2017 IBM Event on Robotic Process Automation  USTRANSCOM Cybersecurity Roundtable 2017  The Information Systems Security Association (ISSA) 2017 Mid Atlantic Conference  British Embassy 2017 and 2018 (cybersecurity)  ACT-IAC Event on Social Media Branding 2017  Duty of Care Conference 2017  10th Annual Homeland Security Conference (Counter-terrorism magazine)  George Washington University Cybersecurity event  Institute of Management Consultants Conference 2016  Critical Security Controls Editorial Panel, Council on Cybersecurity  DC Cybersecurity Summit (Securing The IoT) 2016, 2017
  • 56.
    56  CRM Summit(The Internet of Things, Cyber-Security, and Government Readiness) 2016  The Astana Economic Forum and Global Risk Expo in Astana, Kazakhstan.  National Cybersecurity Institute  University of Chicago webcast on Emerging Technologies  Webcast Host on Mobile Identity Management  Global Cyber Threat Summit  Cybersecurity Summit 2016, 2017  Kaspersky Cyber Security Conference 2015  IDGA Homeland Security Week conference  Homeland Security Professionals Conference 2015  Secure Cities Conference 2014  CyberMaryland conference 2014/15,17  National Press Club, Global Business News events 2014/15,16  Featured Panelist on Cybersecurity, Open Innovations Forum (MIT Technology Review co-sponsor)  Guest seminar lecturer on lobbying and interest groups in the national security policy process at the National War College of the National Defense University  Regional Representative 2011, Davos Second World Economic Forum “Communication on Top”
  • 57.
  • 58.
    58 Thx @ChuckDBrooks forsharing your perspective that RPA= innovation at our @IBM facilitated #digitalexchange on #roboticprocessautomation.
  • 59.
    59 ProfessionalActivities: Chuck serves asChairman of CompTIA’s New and Emerging Technology Committee, and serves on Boards to severalprominent public and private companies and organizations. Heis Advisory Board Member to The Center for Advancing Innovation Inc., a subjectMatter Expert to The Homeland Defenseand Security Information Analysis Center (HDIAC), a Departmentof Defense(DoD) sponsored organization through theDefense Technical Information Center (DTIC), and Member, Electrical and Electronics Engineers IEEEStandards Association (IEEE-SA) VirtualReality and Augmented Reality Working Group He is a former Technology Partnership Advisor tothe Bill and MelindaGates Foundation. Chuck has served in government at the Department of Homeland Security at the Science &Technology Directorate, atVoice of America(VOA), and also for 7 years on Capitol Hill as a Senior Advisor to Senator ArlenSpecter on technology and security issues. Heis also former Adjunct Faculty at Johns Hopkins University, and received his MA in InternationalRelations fromthe University of Chicago, B.A, in Political Science from DePauw University, and a Certificate in InternationalLaw from The Hague Academy of International Law, Netherlands.
  • 60.
  • 61.
  • 62.
    62 Cyber Startup Observatory– Chuck Brooks, Cybersecurity Leader of the Week Chuck Brooks is the Principal Market GrowthStrategist –Cybersecurity and Emerging Technologies for General Dynamics Mission Systems. Chuck is also an Adjunct Faculty member at Georgetown University in their Applied Intelligence Program. LinkedIn named Chuck as “a Top Tech Person To Follow” and he has been widely published on cybersecurity and emerging technology topics in FORBES, Huffington Post, InformationWeek, MIT Sloan Blog, Computerworld, Federal Times, Homeland Security Today (Visiting Editor), and many other publications. Chuck helped “stand up”
  • 63.
    63 Office of LegislativeAffairs at the US Department of Homeland Security and served as first Director of Legislative Affairs at the DHS Science & Technology Directorate. He has an MA in International Relations from the University of Chicago and a BA in Political Science form DePauw University. Are There Any Common Traits To What Makes a Successful Security Program? For example, incorporating the Three Pronged Approach of People, Processes and Technology? A security strategy to meet these growing cyber-threat challenges needs to be both comprehensive and adaptive. It involves people, processes, and technologies. Defined by the most basic elements in informed risk management, cybersecurity is composed of:  Layered vigilance (intelligence, surveillance);  Readiness (operational capabilities, visual command center, interdiction technologies);  Resilience (coordinated response, mitigation and recovery). The specifics of a security approach may vary according to circumstances, but the mesh that connects the elements is situational awareness combined with systematic abilities for critical communications in cases of emergency. These guidelines are represented in The U.S. government’s
  • 64.
    64 National Institute ofStandards and Technology (NIST) mantra for industry: “Identify, Protect, Detect, Respond, Recover”.
  • 65.
    65 Specifically, there area variety of steps involving people, processes, and technologies that can make a security programsuccessful. Recently, a not-for-profitorganization the# CyberAvengers (of which I am a member along with cyber experts Paul Ferrillo, Kenneth Holley, George Platsis, Shawn Tuma, George Thomas, and Christophe Veltsos) published a basic cyber-hygiene formula that provides a good nine point checklist for cyber protection that any company can follow: 1) Update and patch your networks, operating system and devices promptly. “Critical” is “critical” for a reason. Do it within 72 hours of release. 2) Train your employees on how to detect spear and whale-phishing attempts and what best social media practices are. Quarterly training can reduce the risk by up to 90 percent in most cases. 3) Use multifactor authentication. We have effectively reached the age of password uselessness due to our poor habits. Passwords slow down bad guys who do not know what they are doing. Biometric solutions are great, but proceed with caution if you go this route because you now have data management and privacy concerns that must be addressed. 4) Back up regularly (daily if feasible). Where possible, use the “1, 2, 3” backup rule: 1. a segmented backup on-site; 2. one off-site; and 3. one in the cloud. No need to pay the ransom if you have a clean backup ready to be uploaded to your system.
  • 66.
    66 5) Be cautiouswith older systems. Yes, older systems can be repaired. However, theupfront capital cost is not always affordable. The critical issuebecomes support(patches) for these systemstops. If these systems are past their “patch life” they become tempting targets for hackers. 6) Follow-on to the last point, sometimes the best answer is the cloud. Cloud service providers have state of the art hardware and software and cloud migrations have become easier, especially over the last two years. The cloud is not a savior—it comes with other issues, such as needing to learn what your obligations and responsibilities are, ensuring you have robust agreements with your vendors, and knowing what third-party sources will have access to your information. 7) Know how your intrusion detection and prevention systemworks. Isit signature-based? Perhaps it is behavioral-based? Maybe it is both? New cyber threats require new tools. This is where machine learning, cognitive computing, AI, automation, and orchestration all come into play (but only when done in tandem with all other techniques discussed here). Internet data traffic has reached the stage where humans aren’t able to do this on their own. 8) Consider a Managed Service Provider (MSP) or a Managed Security Service Provider (MSSP). Cybersecurity is not everybody’s strength, but one ransomware attack could be crushing. There are options out there to help you. Sure, it costs money, but you are buying peace of mind. Do your homework and find the right solution for you. 9) Do you drive your car without insurance? Cyber insurance is not mandatory yet, but it may be in the future. Chances are if you are doing a lot of what is suggested here, premium payments will be at the lower end.
  • 67.
    67 A successful cybersecuritywill also require integration of emerging technologies for identity management, authentication, horizon monitoring, malware mitigation, resilience, and forensics. Automation and artificial intelligence are already impacting the capabilities in those areas. Cybersecurity capabilities in information sharing, hardware, software, encryption, analytics, training and protocols, must keep pace to protect and preempt the increasingly sophisticated threats in both the public and private sectors. What Advice Do You Have For Security Leaders? My Advice to security leaders is that cybersecurity is a team sport and everyone needs to be involved. It starts with basic cyber-hygiene and defining the threats for employees. It needs to be systematic and repeatedly offered with reminders and encouragement. This communication process suggestion applies to all industries, especially the financial industry that is being constantly targeted by hackers. Because of the fact that employees are continually facing a growing amount of sophisticated phishing, ransomware, and DDoS attacks, security leaders must serve as the outer perimeter to monitor and prevent attacks in addition to the cyber-hygiene role.
  • 68.
    68 Assessing vulnerabilities indata protection for any industry requires a working operational cybersecurity framework. For example, my basic list would include:  Are the latest security patches applied on the operating systems and software?  Have the servers been monitored and checked and confirmed to be free of malware?  Do the firm’s firewalls block everything not specifically necessary for business?  Is anti-virus software loaded and active on all systems?  Is all sensitive data identified, encrypted and stored securely?  Is a Virtual Private Network (VPN) used for general browsing on employee laptops and smartphones?  Are servers and sensitive computer data kept in secure locked areas?  Are WiFi access-points configured securely?  Are employees required to learn and adhere to cyber-hygiene policies to prevent social engineering and phishing attacks?  Is there a clearly written and enforced cyber security framework in place?  Is there and incident response plan in place?
  • 69.
    69 Of course thatlist can be expanded and customized. But having a strategic plan in place to deter, protect, mitigate against cyber-threats is the best advice I can offer to other security professionals. And that plan should also include incident response and communications protocols if a breach occurs. What are the biggest Challenges We Face in the Year ahead? 2017 was the worst year on record for breaches. In 2017, globally there were a total of 5,207 breaches and 7.89 billion information records compromised. Unfortunately, 2018 is following the same trends. The challenges have not diminished. We live in world of algorithms; 1’s and 0’s. Our digital world is ripe for access and compromise by those who want do harm from just a laptop and server. A myriad of recent breaches have
  • 70.
    70 demonstrated that asconsumers we are becoming more and more dependent upon digital commerce. Our banking accounts, credit cards, and financial daily activities are interconnected. We are all increasingly vulnerable from hackers, phishers, and malware proliferating across all commercial verticals. Ransomware has become an serious threat and challenge. In 2017, the use of ransomware has become a preferred method of cyber-attack choice by hackers. This is because many networks (especially hospitals, utilities, universities, and small businesses) arecomprised of different systems, devices and often lack required patching and updating necessary to thwart attacks. The recent Wannacry, and Petya attacks were certainly wake up calls to the disruptive implications of ransomware. We can expect to see more such attacks because of the ease of infection and because the vulnerabilities to networks still remain. Also, the availability for hackers to be paid via cryptocurrencies makes ransomware more criminally viable Ransomware is not a new threat, it has been around for at least 15 years, but it has become a trending one. Experts estimate that there are now 124 separate families of ransomware and hackers have become very adept at hiding malicious code. Success for hackers does not always depend on using the newest and most sophisticated malware. It is relatively easy for a hacker to do. In most cases, they rely on the most opportune target of vulnerability, especially with the ease of online attacks.
  • 71.
    71 Perhaps even moreominous are the Distributed Denial of Service attacks (DDoS). Tech Target provides a succinct definition of A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource. The flood of incoming messages, connection requests or malformed packets to the target system forces it to slow down or even crash and shut down, thereby denying service to legitimate users or systems. The connectivity of the Internetof Things (IoT) and its billions of connected devices is conducive for DDoS activities. A Gartner report predicts more than 20 billion connected things to the internet by 2020 that can be hacked or compromised. Clearly, it is almost an insurmountable task to monitor and protect IoT. In 2016 a DDoS attacks were launched against a Domain Name System (DNS) called Dyn. The attack directed a variety of IoT connected devices to overload and take out internet platforms and services. It is an increasingly difficult challenge to keep up with the increasing sophistication of the socially engineered threats and threat actors. McKinsey & Company and the World Economic Forum published a joint paper a couple of years back projecting that ineffective cybersecurity will result in a cost to the global economy of three trillion dollars by 2020. That estimate may be even greater now that IoT has expanded so rapidly along with the attack surfaces constituted by so many billions of connected devices to the internet. Consider the dire and eye opening facts: Hackers attack every 39 seconds and around one billion accounts and records were compromised worldwide last year. There are estimates that global
  • 72.
    72 Cybercrime damage costswill reach $6 trillion annually by 2021. Cybercrime is growing exponentially and so are the risks. What Are Key Strategies Toward Addressing The Insider Threat? The Cyber Insider Threat is one of the most difficult challenges for companies, organizations, and countries. It is often difficult to discover, defend and remediate because such threats can involve a combination human behavioral elements and hardware and software technologies. Many of the threat actors are tech-savvy and are becoming increasingly sophisticated in their methods of infiltration. For Chief Information Security Officers (CISO), defending against insider threats is one of their biggest challenges. In fact, according to a SANS 2015 Survey on Insider Threats, 74% of CISOs
  • 73.
    73 expressed concern aboutemployees stealing sensitive company information. The 2016 Cyber Security Intelligence Index, IBMfound that 60% of all cyber- attacks were carried out by insiders. A Verizon 2016 DBIR Report disclosed that that 77 percent of internal breaches were deemed to be by employees, 11 percent by external actors only, 3 percent were from partners and 8 percent involved some kind of internal-external collusion which makes them hard to categorize. And according to Accenture HfS Research 69% of enterprise security executives reported experiencing an attempted theft or corruption of data by insiders during the last 12 months. Negligent behavior is often the result of lack of security awareness due to poor security protocols and updates of patches, and especially compliance, and training, but anyone can be a victim of a spoof or phishing attack. Accidental insider threats can result from a multitude of causes including inadvertent disclosure of sensitive information, lost records, or a portable memory device. Also, employees who bring their own devices (BYOD) to work increase the risk of accidental cross pollination to company networks of malware and viruses from their smartphones. Insider threats can impact a company’s operationalcapabilities, cause significantfinancial damages, and harm a reputation. While there are no complete total solutions to eliminating vulnerabilities from insider threats, Risk management is a prudent mechanism to reduce the likelihood of breaches. Risk management should determine how authorized access is maintained and monitored. Comprehensive risk management should include cyber-hygiene best practices; education/training, use policies and permissions, configuring network access, devicemanagement, application controls, and regular network audits. Also, encryption tools, new network mapping, automated rapid
  • 74.
    74 detection technologies andbehavioral analytic software tools have also been developed that help mitigate the insider threat landscape of morphing digital and physical threats. How Can CISOs, CIOS and the C-Suite Work Together? A key for cybersecurity is creating a collaborative landscape for all parties involved in combating threats and responding to incidents. That includes CISOs, CIOS and the C-Suite. Often CISOs and CIOs do not speak the same language and the focus of their serious IT concerns often differs. This can be ameliorated by establishing a shared framework between the C-Suite and the IT professionals of operations that includes means for communication and most importantly, a shared strategy. Collaboration is king.
  • 75.
    75 A strategy planshould evolve from that framework should directly name the decision-makers and spell out responsibilities. A primary goal is for the CTO and CIO and SMEs to educate the Board and present the values and potential costs of such IT operational components so they develop a deeper understanding and align all business elements, including marketing and sales, with cybersecurity. It is best if the plan is calibrated by outside SMEs, the CTO, and CIO for specific Cybersecurity requirements. Developing an understanding and creating an effective cybersecurity operational strategy really depends on a Ying/Yang formula; you need the technical people who understand the street view challenges of industry from an engineering perspective and you need the executives who run P & L to facilitate the operations and go to market efforts, to sign off on a clearly defined plan. The themes of the framework should include protecting data, corporate IP, and establishing governance. A successful collaborative strategy requires stepping up assessing situational awareness, information sharing, and especially resilience. In C-Suite terms, what is the price tag for staying in business. In IT terms this may include operational components of encryption, biometrics, smarter analytics, and automated network security, informed risk management software, cyber certifications and training, network monitoring, and incorporating NextGen layered hardware/software technologies for the enterprise network, payload, and endpoint security. Also, access and identity management of connected devices need to be strengthened and enforced through new protocols and processes.
  • 76.
    76 Also, it isimperative that any strategy and plan include working mechanisms for operational incident response, gap analysis, resilience, and audits. Cybersecurity is integral to brand reputation and no matter what, breaches will happen and how quickly and effectively a company responds will be a consequence to the bottom line to shareholders. How has Industry Cooperation Made an Impact on Cybersecurity ? There are three key areas in industry partnering has reaped innovation and cybersecurity benefits: 1) open collaboration and information sharing of threats; 2) best practices/lessons learned (gap analysis); 3) accessing research development (“R & D”) and innovation. Industry has focused on those three areas to identify products and product paths, evaluate technology gaps, and help design scalable architectures that will lead to more efficiencies and positive changes. The financial industry has been at the forefront of strengthening industry cooperation through open collaboration, best practices, and shared research and development. As a result, he industry has accelerated innovation and helped meet the challenges we all face as citizen/consumers in this evolving technological era.
  • 77.
    77 In macro terms,open collaboration and information-sharing among industry stakeholders has simplified operations and help reduce duplicative IT portfolios, administrative complexity, and technological redundancy. A continued industry partnership involving information-sharing and risk-sharing will exponentially benefit innovation in many key areas including homeland/national security, health and human services, energy, public safety and transportation. Such information sharing will become even more of an imperative as connectivity in industry grows with the emergence of the Internet of Things. The growing complexity and magnitude of cyber-threats has created an unprecedented level of transparent collaboration between private stakeholders. Cooperation in Innovation also has enabled the application of expertise and planning to maximize and leverage capabilities to build faster, smarter, and better outcomes. And that cooperative trend needs to continued and be expanded.
  • 78.
    78 In the future,industry and public/private sector cooperation should follow an impact framework that incorporates emerging technology areas, organization & policy priorities, and cybersecurity trends: Emerging Technology Areas:  Internetof Things (society on new verge of exponential interconnectivity  Wearables  Robotics  Artificial intelligence and Machine Learning  SmartCities  Connected transportation  Virtual and Augmented Reality  Drones  Super Computing  QuantumComputing and Encryption  Big Data Organization & Policy Priorities:  Protecting critical infrastructure through technologies and Public/Private cooperation  Better identity management via encryption and biometrics  Automated network-security correcting systems (self-encrypting drives)  Technologies for “real time” horizon scanning and monitoring of networks
  • 79.
    79  Diagnostics andforensics (network traffic analysis, payload analysis, and endpoint behavior analysis)  Advanced defense for framework layers (network, payload, endpoint, firewalls, and anti- virus)  Mobility and BYOD security  Predictive and Forensic Analytics  Interoperability Cybersecurity Trends:  Informed risk management to mitigate cybersecurity threats  Emergence of formalized Public/Private sector cybersecurity partnerships  More information and threat sharing and collaboration between the public and private sectors  Shared R & D cybersecurity spending  Increased spending for cloud security computing  Consolidation and protection of on premise data centers from cyber threats  Expansion of hiring and training of cybersecurity workforce  Tech foraging It is a special honor for me to be selected as the Cybersecurity Leader of the week. Cybersecurity is a critical path to mitigate the growing global threat of cyber-attacks that has targeted the financial services community. To stay safer, I requires strategic collaboration and open dialogue. I hope that sharing
  • 80.
    80 insights for thisinterview has helped serve in those areas. I want to convey my personal thanks and appreciation to Cyber Start Up Observatory for allowing me to provide my inputs to this important forum and for choosing me for the award. Chuck Brooks Short Bio Chuck Brooks is the Principal Market Growth Strategist — Cybersecurity and Emerging Technologies for General Dynamics Mission Systems. Chuck is also an Adjunct Faculty member at Georgetown University in their Applied Intelligence Program. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn” out of their 550 million members. He has published more than 150 articles and blogs on cybersecurity and technology issues. In both 2017 and 2016, he was named “Cybersecurity Marketer of the Year by the Cybersecurity Excellence Awards. Chuck’s professional industry affiliations include being the Chairman of CompTIA’s New and Emerging Technology Committee, as a member of The AFCEA Cybersecurity Committee, and as a Technology Partner Advisor to The Bill and Melinda Gates Foundation. In government, Chuck has served at The Department of Homeland Security (DHS) as the first Legislative Director of The Science & Technology Directorate at the Department of Homeland Security. He served as a top Advisor to the late Senator Arlen Specter on Capitol Hill covering security and technology issues on Capitol Hill. In academia, he was an Adjunct Faculty Member at Johns Hopkins University where he taught a graduate course on homeland security for two years. He has an MA in International relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague
  • 81.
  • 82.
  • 83.
    83 Chuck Brooks articleson FORBES: https://www.forbes.com/sites/cognitiveworld/people/chuckbrooks/#58455e ed6a44
  • 84.
    84 More Published Writingsby Chuck Brooks (Partial List):  CHUCK BROOKS, FEATURED HPC CONTRIBUTOR – ADVISER TO LINKEDIN AS CYBERSECURITY AND EMERGING TECHNOLOGY SUBJECT MATTER EXPERT https://highperformancecounsel.com/chuck-brooks- featured-hpc-contributor-adviser-linkedin-cybersecurity-emerging-technology-subject-matter-expert/  Why LinkedIn is an Indispensable Medium for SecurityProfessionals | by Chuck Brooks LinkedInMarketing Blog (post has received more than a million views!) https://business.linkedin.com/marketing- solutions/blog/marketing-for-tech-companies/2017/why-linkedin-is-an-indispensable-medium-for- security-professiona  Chuck Brooks on FORBES: https://www.forbes.com/sites/cognitiveworld/people/chuckbrooks/#324692f16a44  Four Emerging Technology Areas That Will Help Define Our WorldIn 2019 https://www.forbes.com/sites/cognitiveworld/2018/12/24/four-emerging-technology-areas-that-will-help- define-our-world-in-2019/#67777af58ddd
  • 85.
    85  The NewTechno-Fusion: The Merging Of Technologies Impacting OurFuture https://www.forbes.com/sites/cognitiveworld/2019/02/26/the-new-techno-fusion-the-merging-of- technologies-impacting-our-future/#30f9310e1f3e  A Scoville Heat Scale For Measuring Cybersecurity https://www.forbes.com/sites/cognitiveworld/2018/09/05/a-scoville-heat-scale-for-measuring- cybersecurity/#e7a78c133275  Catalyzing Innovation via Centers, Labs, and Foundries https://www.forbes.com/sites/cognitiveworld/2018/07/11/catalyzing-innovation-via-centers-labs-and- foundries/  Cybersecurity, Is there Light at the End of The Tunnel in 2018? https://www.alienvault.com/blogs/security-essentials/cybersecurity-is-there-light-at-the-end-of-the- tunnel-in-2018  Employing A Risk Management Framework To The Internet of Things http://reader.mediawiremobile.com/OnTheFrontlines/issues/203075/viewer?page=17  Protecting Energy CriticalInfrastructure a Key Challenge for DHS https://www.hstoday.us/subject-matter- areas/infrastructure-security/protecting-energy-critical-infrastructure-a-key-challenge-for-dhs/  PERSPECTIVE: Leadership Role Suits DHS in Cybersecurity Evolutionby Chuck Brooks https://www.hstoday.us/federal-pages/dhs/perspective-leadership-role-suits-dhs-in-cybersecurity- evolution/
  • 86.
    86  CYBERSECURITY ACTIONLIST FOR LAW FIRMS https://highperformancecounsel.com/a-cybersecurity- action-list-for-law-firms/  DHS S&T Showcases Innovation and Partnerships at RSA 18 Cybersecurity Conference https://www.hstoday.us/federal-pages/dhs/dhs-st/dhs-st-showcases-innovation-and-public- private-partnerships-at-rsa-18-cybersecurity-conference/  The 4th Industrial Revolution May Change the Way We Are Connected to Ourselves http://cognitiveworld.com/article/4th-industrial-revolution-may-change-way-we-are-connected-ourselves  Emerging Technologies and the Cyber Threat Landscape https://www.alienvault.com/blogs/security- essentials/emerging-technologies-and-the-cyber-threat-landscape  7 Emerging Tech Trends For 2018 https://www.alienvault.com/blogs/security-essentials/emerging- technologies-and-the-cyber-threat-landscape  Artificial Intelligence And Machine Learning Hot Topics At RSA 2018 https://www.itspmagazine.com/itsp- chronicles/artificial-intelligence-and-machine-learning-hot-topics-at-rsa-2018  Trends In Emerging Cognitive Technologies and Predictive Analytics http://cognitiveworld.com/article/trends-emerging-cognitive-technologies-and-predictive- analytics  Needed: New Ideas to Help Enable The Federal Cybersecurity Workforce https://recruitingcybersecurity.com/federal-cybersecurity-workforce/
  • 87.
    87  Congress prioritizescyber issues for homeland security funding in 2018[Commentary] https://www.linkedin.com/pulse/thought-leadership-links-chuck-brooks-published-writings-chuck- brooks/  Interview with Chuck Brooks https://scienceofcybersecurity.com/chuck-brooks/  Hurricane Harvey: Special thanks totheprofessionals, volunteers helpingothers http://www.federaltimes.com/management/leadership/2017/08/29/hurricane-harvey-special-thanks-to-the- professionals-volunteers-helping-others-commentary/  Expert Chuck Brooks Offers A Cybersecurity “Cheat Sheet” For The C- Suite https://highperformancecounsel.com/expert-chuck-brooks-offers-cybersecurity-cheat-sheet-c- suite/  Rising Tides And Higher Stakes. Cybersecurity Thought-Leader ChuckBrooks In Interview https://highperformancecounsel.com/new-cybersecurity-stakes-interview-cybersecurity-thought-leader- chuck-brooks/  Emerging Technologies For The Public Sector by ChuckBrooks in Cognitive World http://cognitiveworld.com/article/emerging-technologies-public-sector  Chuck Brooks Federal News Radio Interview: New administrationlooks to DC for cyber innovation https://federalnewsradio.com/whats-working-washington/2017/05/new-administration-looks-to-dc-for- cyber-innovation/  Identity Theft, The Not So Hidden Scourge by Chuck Brooks https://www.alienvault.com/blogs/security- essentials/identity-theft-the-not-so-hidden- scourge?bwf_dp=t&bwf_entry_id=5382&bwf_token_id=17267&bwf_token=QXuSRLGATE0mnNfPwfSTORz j9  Co-Author of The #CyberAvengers Playbook; The Non-Technical, No Nonsense Guide For Directors, Officers, and General Counsels https://www2.fireeye.com/OFFER-WP-Legal-Playbook.html
  • 88.
    88  Blockchain forGovernment: A Cheat Sheet: http://www.nextgov.com/technology-news/tech- insider/2017/07/blockchain-government-cheat-sheet/139274/?oref=ng-HPriver  Rising Tides And Higher Stakes. Cybersecurity Thought-Leader ChuckBrooks In Interview https://highperformancecounsel.com/new-cybersecurity-stakes-interview-cybersecurity-thought-leader- chuck-brooks/  A Quick Summary of Recent Cybersecurity Trends & Developments by Chuck Brooks https://highperformancecounsel.com/quick-summary-recent-cybersecurity-trends-developments- businesses-law-firms-know/  Defining and Addressing the Growing Cyber Insider Threat https://www.alienvault.com/blogs/security- essentials/defining-and-addressing-the-growing-cyber-insider-threat  EXPERT BROOKS ON #CYBERSECURITY: IS WANNACRY RANSOMWARE JUST THE WARM-UP ACT? https://highperformancecounsel.com/expert-brooks-cybersecurity-wannacry-ransomware-just- warm-act/  Time to streamline Congressional oversight of DHS [Commentary] http://www.federaltimes.com/articles/time-to-streamline-congressional-oversight-of-dhs-commentary  5 emerging tech key to transportation security [Commentary] http://www.federaltimes.com/articles/5- emerging-tech-key-to-transportation-security-commentary  THE GAMIFICATION TREND IN #CYBERSECURITY – EXPERT CHUCK BROOKS TALKS THROUGH THIS EMERGING SOLUTION FOR CLIENTS HTTPS://HIGHPERFORMANCECOUNSEL.COM/GAMIFICATION- TREND-CYBERSECURITY-EXPERT-CHUCK-BROOKS-TALKS-EMERGING-SOLUTION-CLIENTS/  Chuck Brooks Federal News Radio Interview: New administration looks to DC for cyber innovation https://federalnewsradio.com/whats-working-washington/2017/05/new-administration- looks-to-dc-for-cyber-innovation/  Automation technologies and the changing cybersecurity ecosystem http://gsnmagazine.com/node/48279?c=cyber_security
  • 89.
    89  Chuck Brooks,The Tech Voice You Should be following: University of Chicago Webinar (YouTube with slide deck presentation) https://www.youtube.com/watch?v=3wk2uMXzS60&feature=youtu.be  WannaCry ransomware worm attacks the world (Interview Comments by Chuck Brooks http://www.securityinfowatch.com/article/12334948/wannacry-ransomware-worm-attacks-the-world  CYBERSECURITY EXPERT & HPC CONTRIBUTOR CHUCK BROOKS ON MEETING GROWING SECURITY CHALLENGES https://highperformancecounsel.com/cybersecurity-expert-hpc-contributor-chuck-brooks- meeting-growing-security-challenges/  The Cusp of Technological Transformation http://cognitiveworld.com/article/cusp-technological- transformation-0  Technologies And Companies In The Cybersecurity Battleground https://www.bizcatalyst360.com/technologies-and-companies-in-the-cybersecurity-battleground/  NCF-DC05 New Leadership At DHS Goes Public On Cyber – DC Update with ChuckBrooks http://www.logiccentralonline.com/new-cyber-frontier/ncf-dc05/  Writestream Radio welcomes Cybersecurity Expert Chuck Brooks http://www.blogtalkradio.com/writestream/2017/08/30/the-writestream-welcomes-cybersecurity- expert-chuck-brooks#.WaasLo3XMLA.facebook  CYBERSECURITY EXPERT & HPC CONTRIBUTOR CHUCK BROOKS ON MEETING GROWING SECURITY CHALLENGES https://highperformancecounsel.com/cybersecurity-expert-hpc-contributor-chuck-brooks- meeting-growing-security-challenges/  Chuck Brooks explains the difference between ICS and IT security http://iiot- world.com/cybersecurity/chuck-brooks-explains-the-difference-between-ics-and-it-security/  RANSOMWARE IS SPREADING LIKE WORMS:ARE YOU READY? http://www.nextgov.com/technology- news/tech-insider/2017/05/ransomware-spreading-worms-are-you-ready/137896/?oref=ng-channelriver  Homeland Security wins in Trump budget, especially in cybersecurity [Commentary] http://fifthdomain.com/2017/03/17/homeland-security-wins-in-trump-budget-especially- in-cybersecurity-commentary/
  • 90.
    90  The cybersecuritypriority for DHS in 2017 http://www.federaltimes.com/articles/the-cybersecurity- priority-for-dhs-in-2017  Congress had an office that gave expert tech analysis; let's bring it back http://thehill.com/blogs/pundits- blog/technology/306426-congress-had-an-office-that-gave-expert-tech-analysis-lets  Recent Attacks Demonstrate The Urgent Need For C-Suite Cybersecurity Expertise https://www.alienvault.com/blogs/security-essentials/recent-attacks-demonstrate-the-urgent- need-for-c-suite-cybersecurty-expertise  Meeting Security Challenges Through Vigilance, Readiness and Resilience http://www.brinknews.com/?p=5052?utm_source=BRINK+Subscribers&utm_campaign=b94043 847f-BRINK_Daily_Insights_28_02_17&utm_medium=email&utm_term=0_c3639d7c98-b94043847f- 110145109  The Priority of the Government/Industry Cybersecurity Partnership https://www.alienvault.com/blogs/security-essentials/the-priority-of-the-government- industry-cybersecurity-partnership  Will Vulnerable U.S. Electric Grid Get a New Protection Mandate? http://www.brinknews.com/will- vulnerable-u-s-electric-grid-get-a-new-protection-mandate/  Emerging focus on cyber threats to energy infrastructure http://www.federaltimes.com/articles/emerging-focus-on-cyber-threats-to-energy- infrastructure  Congress had an office that gave expert tech analysis; let's bring it back http://thehill.com/blogs/pundits- blog/technology/306426-congress-had-an-office-that-gave-expert-tech-analysis-lets  Creating A Secure Smart City http://www.qognify.com/blog/creating-secure-smart-city/  Safeguarding Patients and Data In The Evolving Healthcare Cybersecurity Landscape https://www.alienvault.com/blogs/security-essentials/safeguarding-patients-and-data-in-the- evolving-healthcare-cybersecurity-landscape
  • 91.
    91  Technology Foragingfor Cybersecurity Solutions https://www.alienvault.com/blogs/security- essentials/technology-foraging-for-cybersecurity-solutions  And I Think To Myself, What A Virtual World https://itspmagazine.com/from-the-newsroom/and-i-think- to-myself-what-a-virtual-world  Cyber Defense in an Imperfect World, a New Approach http://www.brinknews.com/cyber-defense-in-an- imperfect-world-a-new-approach/  How The Next Administration WillReshape DHS http://www.federaltimes.com/articles/how-the-next- administration-will-reshape-dhs  Elections at Risk in Cyberspace, Part IV: Securing the Vote | SIGNAL Magazine http://www.afcea.org/content/?q=Article-elections-risk-cyberspace-part-iv-securing-vote  The Gender Gap in Cybersecurity Can, and Should Be, Closed http://www.itsecurityplanet.com/from-the- newsroom/the-gender-gap-in-cybersecurity-can-and-should-be-closed  Gen Touhill brings vision, strategy as nation’s first CISO http://www.federaltimes.com/articles/gen- touhill-brings-vision-strategy-as-nations-first-ciso  US must invest more in advanced computing http://thehill.com/blogs/pundits-blog/technology/291013- us-must-invest-more-in-advanced-computin  DHS cyber role elevated in new legislation http://www.federaltimes.com/story/government/dhs/blog/2016/06/15/dhs-cyber-role- elevated-new-legislation/85934982/  Safeguarding Patients and Data In The Evolving Healthcare Cybersecurity Landscape https://www.alienvault.com/blogs/security-essentials/safeguarding-patients-and-data-in-the- evolving-healthcare-cybersecurity-landscape  Socializing Citizen Services In The Public Sector http://bizcatalyst360.com/socializing-citizen-services-in- the-public-sector/
  • 92.
    92  Embracing GlobalPublic/Private Cybersecurity Alliances https://www.alienvault.com/blogs/security- essentials/embracing-global-public-private-cybersecurity-alliances  Future Watch – Follow The Tech Leader http://bizcatalyst360.com/future-watch-follow-the-tech-leader/  4 steps to a strong incident response plan | CSO Online http://www.csoonline.com/article/3104203/techology-business/4-steps-to-a-strong-incident-response- plan.html  Cyber Defense in an Imperfect World, a New Approach http://www.brinknews.com/cyber-defense-in-an- imperfect-world-a-new-approach/  NCF-DC1 Washington DC Cyber News Update With Chuck Brooks http://www.logiccentralonline.com/new- cyber-frontier/ncf-dc1/  Ransomware Trending as Weapon of Choice for Hackers http://www.itsecurityplanet.com/from-the- newsroom/ransomware-trending-as-weapon-of-choice-for-hackers  The Government Explores Artificial Intelligence http://thehill.com/blogs/pundits- blog/technology/280481-the-government-explores-artificial-intelligence  DHS's ongoing challenge: Securing soft targets by Chuck Brooks http://www.federaltimes.com/story/government/dhs/blog/2016/03/28/dhss-ongoing-challenge- securing-soft-targets/82350628/  Creating a digital career path for Native Americans http://www.federaltimes.com/story/government/dhs/blog/2016/05/16/creating-digital- career-path-native-americans/84455826/  The Internet Of Things (IoT) Has Arrived – What You Should Know http://infosecurity.ciowatercooler.co.uk/the-internet-of-things-iot-has-arrived-what-you-should- know/
  • 93.
    93  NGA's Homelandpanel to benefit from Governor Hutchinson’s experience, leadership http://www.federaltimes.com/story/government/dhs/blog/2016/08/10/ngas-homeland-panel-benefit- hutchinsons-experience-leadership/88031784/  DHS cyber role elevated in new legislation http://www.federaltimes.com/story/government/dhs/blog/2016/06/15/dhs-cyber-role-elevated-new- legislation/85934982/  Embracing Global Public/Private Cybersecurity Alliances https://www.alienvault.com/blogs/security- essentials/embracing-global-public-private-cybersecurity-alliances  The Gender Gap in Cybersecurity Can, and Should Be, Closed http://www.itsecurityplanet.com/from-the- newsroom/the-gender-gap-in-cybersecurity-can-and-should-be-closed  Digital Convergence and Cybersecurity https://www.alienvault.com/blogs  The Globality Quotient: Cybersecurity. “Hacked Again” & Women in Digital Universe http://bizcatalyst360.com/cybersecurity-hacked-again-women-in-digital-universe/  4 stepsto a strong incidentresponse plan | CSO Online http://www.csoonline.com/article/3104203/techology- business/4-steps-to-a-strong-incident-response-plan.html  Pathway To The New Era of Quantum Computing https://ctovision.com/2016/06/pathway-new-era- quantu m-computing/  UK/US Cybersecurity Will Thrive Withor Without Brexit http://www.itsecurityplanet.com/from-the- newsroom/uk/us-cybersecurity-cooperation-will-thrive-with-or-without-brexitooperation  Creating a Digital Career Path for Native Americans http://www.federaltimes.com/story/government/dhs/blog/2016/05/16/creating-digital-career-path- native-americans/84455826/  The Rise of the Chief Data Officer https://www.alienvault.com/blogs/security-essentials/the-rise-of-the- chief-data-officer  Ransomware Trending as Weapon of Choice for Hackers http://www.itsecurityplanet.com/from-the- newsroom/ransomware-trending-as-weapon-of-choice-for-hackers
  • 94.
    94  The GovernmentExplores Artificial Intelligence http://thehill.com/blogs/pundits- blog/technology/280481-the-government-explores-artificial-intelligence  The Globality Quotient: Cybersecurity (ChuckBrooks Interviewed) http://bizcatalyst360.com/the-global- quotient-cybersecurity/  Chuck Brooks on Cybersecurity: The Weakest Link Will Always Be the Human Element http://www.govtech.com/dc/articles/Chuck-Brooks-on-Cybersecurity-The-Weakest-Link-Will-Always-Be- the-Human-Element.html  DHS's ongoing challenge: Securing soft targets by Chuck Brooks http://www.federaltimes.com/story/government/dhs/blog/2016/03/28/dhss-ongoing-challenge-securing- soft-targets/82350628/  Chuck Brooks, Winner "Cybersecurity Marketerof the Year", Cybersecurity Excellence Awards https://americansecuritytoday.com/chuck-brooks-winner-2016-cybersecurity-excellence-awards/  3 of the biggest concerns about external cyberthreats Phishing attacks employing malware, especially ransomware, is a top cybersecurity concern of Chuck Brooks (@ChuckDBrooks), vice president of government relations and marketing at Sutherland Global Services.“Anyone and everyone is vulnerable,” he said. “The expanding interconnectivity of our devices and the Internet of Things also makes malware a network threat. And with these kinds of phishing attacks, it is often quite difficult to find and prosecute the perpetrators.” http://theartofthehack.com/3-of-the-biggest-concerns-about-external-cyber-threats/  Government R&D can be a catalyst for technological progress http://thehill.com/blogs/pundits- blog/technology/267944-government-rd-can-be-a-catalyst-for-technological-progress  The GSN 2015 Digital Yearbook of Awards- Judge Chuck Brooks Interview https://www.yumpu.com/en/document/view/55008535/the-gsn-2015-digital-yearbook-of-awards/8  Key homeland security priorities to watch in 2016 http://www.federaltimes.com/story/government/dhs/blog/2015/12/15/key-homeland-security- priorities-watch-2016/77368604/  Seven astounding technologytrends for 2016 http://www.securityinfowatch.com/article/12151224/seven-top-technology-trends-for-2016  Preparing for the Coming Millennial Workforce https://www.careersingovernment.com/tools/gov- talk/career-advice/preparing-coming-millennial-workforce/
  • 95.
    95  HSN CharlesBrooks Interview - The Threat Cyber-security Poses to Homeland Security http://homelandsecuritynet.com/component/contushdvideoshare/player/hsn-tv/hsn-charles- brook-interview?Itemid=  The Internet Of Things (IoT) Has Arrived – What You Should Know http://wavefrontonwireless.com/the- internet-of-things-iot-has-arrived-what-you-should-know/  7 Top Tech Trends Impacting Innovators in 2016 http://www.innovationexcellence.com/blog/2015/12/26/7-top-tech-trends-impacting-innovators-in- 2016/  The alchemy of big data in government http://thehill.com/blogs/pundits-blog/technology/263890-the- alchemy-of-big-data-in-government  Terror bulletins, alerts or nothing at all: Feds try for happy medium ( Chuck Brooks interviewed) http://www.federaltimes.com/story/government/dhs/2016/02/08/homeland-security-alerts/79982178/  The Internet of Things and Cyber- Security: Government Readiness https://www.peerlyst.com/blog- post/the-internet-of-things-and-cyber-security-government-readiness  Smart cities, the Internet of Things and the Blue Revolution: http://thehill.com/blogs/pundits- blog/technology/254779-smart-cities-the-internet-of-things-and-the-blue-revolution  Christopher Gorog - CWC Cyber – Conversation with Chuck Brooks http://www.christophergorog.com/cyber-security/cwc-cyber-1/  Protecting the Internet of Things and livingin Smart Cities: http://www.federaltimes.com/story/government/dhs/blog/2015/09/24/protecting-internet- things-and-living-smart-cities/72742172/  Does Government Need ‘Hardware-Separated’ Operating Systems?: http://www.nextgov.com/technology-news/tech-insider/2015/09/does-government-need- hardware-separated-operating-systems/121826/  Winning With Women - an interview withChuck Brooks: https://milspray.wordpress.com/2015/09/02/winning-with-women-wednesday-first-male-interview-with- chuck-brooks-vp-government-relations-marketing-sutherland-global-services/  The Four Pillars to Navigating Washington, DC (The Hill) http://thehill.com/blogs/pundits- blog/washington-metro-news/217783-navigating-the-four-pillars-of-Washington
  • 96.
    96  Interview withChuck Brooks on key Homeland Security Issues for 2015 (Government Security News) gsn 2014 digital yearbook of homeland securityawards recipients  Homeland Security Interview by Government Security News on Key issues for 2015 http://blog.securityrecruiter.com/2015/02/gsn-2014-digital-yearbook-of-homeland.html  Some catalyzing technologies on the government horizon http://thehill.com/blogs/pundits- blog/technology/238756-some-catalyzing-technologies-on-the-government-horizon  Solving Problems with Technology Convergence http://government.blogs.xerox.com/2015/04/02/solving- problems-with-technology-convergence/#prettyPhoto  Government prioritizes digital engagement (Computerworld) http://www.computerworld.com/article/2931835/it-transformation/government-prioritizes-digital- engagement.html  Department of Homeland SecurityExplores Wearables http://www.wearablevalley.co/department-of- homeland-security-explores-wearables/#more-21  The OPM breach screams for action | SecurityInfoWatch.com https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF- 8#q=The+OPM+breach+screams+for+action.+Chuck+Brooks  Servicing the Internet of Things and the New Digital Economy http://government.blogs.xerox.com/2014/11/21/servicing-internet-of-things-new-digital- economy/#.VKriQCvF91Y  Adopting a cooperative Global Cyber Security Framework to mitigate cyberthreats (before it is too late) http://www.voodootec.com/author/chuckbrooks/  Xerox’s Chuck Brooks: Preparation, Commitment Key for Govt-IndustryCyber Partnerships http://blog.executivebiz.com/2015/01/xeroxs-chuck-brooks-preparation-commitment-key- for-govt-industry-cyber-partnerships/  Carahsoft Citizen Engagement Seminar (Chuck Brooks on Panel) https://www.carahsoft.com/learn/event/1733-carahsoft-citizen-engagement-seminar  DHS, FBI stepping up digitization of Records http://archive.federaltimes.com/article/20140827/BLG04/308270010/DHS-FBI-stepping-up-digitization- records
  • 97.
    97  Internet ofThings, New Frontier of Technology Convergence http://government.blogs.xerox.com/2014/08/27/iot-new-frontier-technology-convergence/#prettyPhoto  Wearables Bring New Sense of Fashion to Public Sector http://www.nextgov.com/technology-news/tech- insider/2015/02/wearables-bring-new-sense-fashion-public-sector/104679/  DHS: A decade (and more) of competing congressional oversight http://www.federaltimes.com/article/20140718/BLG04/307180011/DHS-decade-more-competing- congressional-oversight  Huffington Post Cybersecurity Industry Interview WithXerox's Chuck Brooks http://www.huffingtonpost.com/brian-e-finch/cybersecurity-industry- in_2_b_4620232.html?utm_source=Alert- blogger&utm_medium=email&utm_campaign=Email%2BNotifications  The DHS's vital role in confronting the threat of pandemics and bioterrorism |Federal Times http://www.federaltimes.com/article/20141104/BLG04/311040018/The-DHS-s-vital-role- confronting-threat-pandemics-bioterrorism  "Why You Should Be Excited About Future Tech" (InformationWeek) http://www.informationweek.com/strategic-cio/executive-insights-and- innovation/why-you-should-be-excited-about-future-tech/d/d-id/1114036?  Dick Tracy and the Benefits of Virtual Government http://government.blogs.xerox.com/?s=virtual+government  Critical Infrastructure Cybersecurity Takes Center Stage A Decade After The 9/11 Commission Report http://www.counciloncybersecurity.org/articles/critical-infrastructure-cybersecurity-takes-center- stage-a-decade-after-the-9-11-commission-report/  Creating resilience with public/private partnerships—and planning (MIT Sloan Blog) http://executive.mit.edu/blog/2014/02/creating-resilience-with-publicprivate-partnerships-and- planning/  DHS’s Special Partnership withNative Americans (Indian Country News) http://www.indiancountrynews.com/index.php/news/26-mainstream-politics/13958-dhs-s- special-partnership-with-native-americans
  • 98.
    98  TechNOW –Interview with Charles Brooks, VP, Department Homeland Securityat Xerox https://www.youtube.com/watch?v=t8WXYOotJh8  Homeland Security is Back in the Limelight By Chuck Brooks (The Hill) http://thehill.com/blogs/pundits- blog/homeland-security/230788-homeland-security-is-back-in-the-limelight  Critical Infrastructure Cybersecurity Takes Center Stage A Decade After The 9/11 Commission Report http://www.counciloncybersecurity.org/articles/critical-infrastructure-cybersecurity-takes-center- stage-a-decade-after-the-9-11-commission-report/#tweet-link  Transportation security: Back to the future http://thehill.com/blogs/pundits-blog/212288-transportation- security-back-to-the-future  Chief Data Officers in the Government – What Role Should TheyPlay? https://government.blogs.xerox.com/2015/02/20/chief-data-officers-government-what-role-should-they- play/?utm_content=sf36444741&utm_medium=spredfast&utm_source=twitter&utm_campaign=Corporat e+Channels&CMP=SMO-Facebook+sf36444741#.VSLkIJh0xdh  Mining Big Data for What It’s Worth http://government.blogs.xerox.com/2014/12/05/big-data-what-its- worth/#.VSLft5h0xdg  Charles Brooks to present June 26 webinar on evolving DHS role in Strategic Cyber Operations http://www.gsnmagazine.com/article/41412/charles_brooks_linkedin_homeland_security_dis cussi  The public/private imperative toprotect the grid by ChuckBrooks (Federal Times) http://www.federaltimes.com/article/20140616/BLG04/306160008/The-public-private- imperative-protect-grid  How S&T drives innovationat DHS" http://www.federaltimes.com/article/20140423/BLG04/304230005/How-S-T-drives-innovation-DHS  “Human Factors” and Biometrics at DHS: http://www.biometricupdate.com/author/chuck-brooks  The public/private imperative toprotect the grid http://archive.federaltimes.com/article/20140616/BLG04/306160008/The-public-private-imperative- protect-grid  Government SecurityNews 2013 Homeland Security Awards (Lead Judge) http://www.gsnmagazine.com/node/39332?c=federal_agencies_legislative
  • 99.
    99  Securing theCyber Ecosystem through Protection Projects and Planning (HomelandSecurityWeek presentation) http://www.homelandsecurityexpo.com/speakerinfo.aspx?tp_spkid=105234  Tech Interviews Featured on House Homeland Security Website http://article.wn.com/view/2015/03/13/House_Committee_on_Homeland_Security_Schedule_f or_March_1620/  DHS Secretary Jeh Johnson revitalizes the 'One DHS' vision http://www.federaltimes.com/article/20140513/BLG04/305130012/DHS-Secretary-Jeh- Johnson-revitalizes-One-DHS-vision  Chuck Brooks interview publishedin SecurityInfoWatch onthe application of lessons learned from last year's Boston Marathon bombings. "Boston Marathona case study in lessons learned following last year's bombing tragedy" bySteve Lasky http://www.securityinfowatch.com/article/11416172/boston- marathon-security-measures-make-for-a-different-event  DHS as the Epicenter for Cybersecurity in Government (Government Security News): http://www.gsnmagazine.com/node/32882?c=cyber_security  Native Americans key to border security success http://thehill.com/blogs/pundits- blog/immigration/214494-native-americans-key-to-border-security-success  Government cyber securityprograms mandatedto go commercial (Cygnus Media): http://mobile.securityinfowatch.com/article/11151600/congressional-hearings-have-called- attention-to-the-need-for-better-cooperation-between-government-agencies-and-the-private-sector  Three keys to unlocking tech treasures -- Focus on collaboration, STEM and 'foraging' (Federal Times) http://www.federaltimes.com/apps/pbcs.dll/article?AID=2013310280011  Strategic Cyber Operations Webinar: The Evolving Role of Cybersecurity at the Department of Homeland Security by Chuck Brooks at GWU http://cps.gwu.edu/strategic-cyber-operations-webinar-evolving-role- cybersecurity-department-homeland-security  “Why You Should be Excited about Future Tech”. Key topics: The digital age and the Internet of Things; Health & Medicine; and, Manufacturing http://www.cata.ca/Media_and_Events/Press_Releases/cata_pr07041401.html  Public/Private Partnerships (FORBES): http://www.forbes.com/sites/xerox/2013/08/12/successful_public_private_partnerships/
  • 100.
    100  Chuck Brookspresentations at Global Risk Expo in ASTANA, KAZAKHSTAN http://astanaforum.org/2014/events/international-expo-conference-global-risk-expo  Featured Speaker:Chuck Brooks - Homeland SecurityWeek 2015 http://www.homelandsecurityweek.com/SpeakerInfo.aspx%3Ftp_spkid%3D105234  Featured Speaker: Homeland Security Week 2014 Conference https://www.asdevents.com/event_speakers.asp?id=3323&desc=Homeland+Security+Week+ 2014+Conference  Using Social Media to Link In to Government: http://bizcatalyst360.com/linking-government/  Xerox’s Charles Brooks: Gov’t Agencies Seek to Accelerate Record Digitization http://blog.executivebiz.com/2014/08/xeroxs-charles-brooks-govt-agencies-seek-to- accelerate-record-digitization/  The National Press Club Hosts Global Leadership Challenges: Government and Private Sector Leaders Share Innovation, Talent and Regulatory Strategies (Presenting) http://www.prweb.com/releases/2014/02/prweb11609927.htm  Tech & Innovation thought leader ChuckBrooks joins The Franklin FoundationBoard of Directors http://www.prlog.org/12396042-tech-innovation-thought-leader-chuck-brooks-joins-the- franklin-foundation-board-of-directors.html  Interview with Chuck Brooks: Talking LinkedIn Strategywith Mark Amtower | Hinge http://www.hingemarketing.com/blog/story/talking-linkedin-strategy-with-mark-amtower  Featured Speaker: 4th Annual Human Cyber Forensics Conference: https://www.fbcinc.com/e/HCFC/speakers.aspx  How Big Data Will Revolutionize Aviation Security (ChuckBrooks Interviewed) http://www.hstoday.us/index.php?id=483&cHash=081010&tx_ttnews%5Btt_news%5D=322 17  Xerox’s Charles Brooks: Gov’t Agencies Seek to Accelerate Record Digitization http://blog.executivebiz.com/2014/08/xeroxs-charles-brooks-govt-agencies-seek-to- accelerate-record-digitization/
  • 101.
    101  Transaction Processingis at the Root of Data Analytics http://government.blogs.xerox.com/2014/06/11/transaction-processing-root-of-data- analytics/#prettyPhoto  BizCatalyst 360: Digital Government Yields Customer Service Innovation http://bizcatalyst360.com/digital- government-yields-customer-service-innovation/  Government SecurityNews: Charles Brooks, Linkedin Homeland Security discussion leader, topresent June 26 webinar on evolving DHS role in StrategicCyber Operations http://gsnmagazine.com/node/41412?c=cyber_security  Digital Government Yields Exciting Innovation http://government.blogs.xerox.com/2014/05/28/digital- government-yields-exciting-innovation/  Transforming US Border Crossing http://government.blogs.xerox.com/2014/05/21/transforming-u-s- border-control-processing-through-automation/  Radio Interview: All things LinkedIn - FederalNewsRadio.com http://www.federalnewsradio.com/239/3691601/All-things-LinkedIn  Chuck Brooks interview publishedin SecurityInfoWatch onthe application of lessons learned from last year's Boston Marathon bombings. "Boston Marathona case study in lessons learned following last year's bombing tragedy" bySteve Lasky http://www.securityinfowatch.com/article/11416172/boston- marathon-security-measures-make-for-a-different-event  DHS's Special Partnership with Native Americans Homeland Security Today http://www.nxtbook.com/nxtbooks/kmd/hst_201310/#/12  Pausing Before Tapping “Connect:” Can Privacy and Security ... http://airpatrolcorp.com/2015/01/27/internetofthings/  The Future of Social Media (Chuck Brooks quote) http://www.business2community.com/social- media/future-social-media-60-experts-share-2014-predictions-0718083  Next Practices Institute Events - Executive Next Practices Institutehttp://www.enpinstitute.com/events/  What Government Agencies Can Learn From The Private Sector (FORBES) http://www.forbes.com/sites/xerox/2013/10/02/government-agencies-eye-contact-centers-for- consolidation-3-takeaways-from-the-private-sector/  Xerox Real Business Radio Online Radio | BlogTalkRadio http://www.blogtalkradio.com/xeroxradio
  • 102.
    102  Interview -Global Radio Talk Show – Interviews with Business Leaders ... http://globalradiotalkshow.com/  Xerox exec Chuck Brooks to discuss global cybersecurity threats at MIT Forum Moscow http://www.gsnmagazine.com/node/33583?c=access_control_identification  Government cyber securityprograms mandatedto go commercial (Cygnus Media): http://mobile.securityinfowatch.com/article/11151600/congressional-hearings-have-called- attention-to-the-need-for-better-cooperation-between-government-agencies-and-the-private-sector  The National Press Club Hosts Global Leadership Challenges: Government and Private Sector Leaders Share Innovation, Talent and Regulatory Strategies (Presenting) http://www.prweb.com/releases/2014/02/prweb11609927.htm  Mobile Apps Continue to Shape Government Agencies http://government.blogs.xerox.com/2014/10/15/mobile-apps-continue-to-shape-government- agencies/#.VjZQ1_mrTIU  Combining Legislation and technologyfor Better Government Service http://zone.tmcnet.com/topics/articles/355948-combining-legislation-technology-better- government-customer-service.htm  Radio Interview: The U.S. Needs a Proactive Approach To Combat Cybercrime https://www.centerforsecuritypolicy.org/2014/04/16/the-u-s-needs-a-proactive-approach-to- combat-cybercrime/  Featured Speaker; Symposium on Homeland Security & Defense http://symposiumonhomelandsecurity.com/wp-content/uploads/2015/03/2015-Symposium-on- Homeland-Security__Draft-Schedule-3_30_15.pdf  Interview with Chuck Brooks The Business Edge | VoiceAmerica™ http://www.voiceamerica.com/show/2186/the-business-edge  Featured Speaker; The Counter Terrorist magazine http://www.thecounterterroristmag.com/conference/  Moderator, Technology Conference - Association for Corporate Growth http://www.acg.org/boston/technologyconference.aspx  Featured Speaker: 4th Annual Human Cyber Forensics Conference: https://www.fbcinc.com/e/HCFC/speakers.aspx
  • 103.
    103  Featured Speaker;The CyberMaryland Conference - Federal Business Council, Inc. http://www.fbcinc.com/e/cybermdconference/speakers.aspx  Cybersecurity 2014: Beyond the NIST framework - FedScoop http://fedscoop.com/cybersecurity-2014- beyond-nist-framework/  How Wearable Devices Can Transform Contact Center Operations http://www.customerexperiencereport.com/strategy-and-trends/wearable-devices-can- transform-contact-center-operations/  Interview: TechNOW -- with Charles Brooks, VP, Department Homeland Securityat Xerox: What are your Homeland Security views? http://www.cata.ca/Media_and_Events/Press_Releases/cata_pr01301501.html  How To Successfully Implement Social Media For Business Development In Government https://howtomeasuresocialmediaingo2015.sched.org/event/c88310c3c0bb9a12dcc3742b7d 609543#.VSK8z5h0xdg  Listed as one of the top 50 in "Data Sciences" on LinkedIn “25 Data Scientists Popular onLinkedIn” Posted by Vincent Granville http://www.datasciencecentral.com/profiles/blogs/25-data-scientists- popular-on-linkedin  Keeping Pace With a Streamlined Service Approach http://www.datasciencecentral.com/profiles/blogs/25-data-scientists-popular-on-linkedin  Cybersecurity 2014: Beyond the NIST framework http://fedscoop.com/cybersecurity-2014-beyond-nist- framework/  Featured Speaker: Social media in Government conference http://aliconferences.com/events/social- media-in-government_0515/  CyberTECH Network | Advisors http://cybertechnetwork.org/advisors/  CYBER CRIME & IDENTITY THEFT IN A GLOBAL BUSINESS ENVIRONMENT http://www.ctcbiz.org/upcoming/flyers/cyber2014/CTC%20Cyber%20Security%202014%2 0Outline.pdf xerox | GovCon Executive http://www.govconexecutive.com/%3Fs%3Dxerox  Chuck Brooks, Featured Speaker at Press Club on Doing Business in Washington, DC Washington '14 March - Global HR Newshttp://www.globalbusinessnews.net/conf.asp%3Fcid%3D271
  • 104.
    104  Public/private partnershipis key to be competitive in any market. The Know How http://asiasecuritynews.com/6299/publicprivate-partnership-is-key-to-be-competitive-in-any- market-the-know-how/ References and Recommendations:
  • 105.
  • 106.
  • 107.
    107 Edward Youis aSupervisorySpecialAgentinthe FBI’sWeaponsof MassDestructionDirectorate,Biological Countermeasures Unit.Mr. You isresponsible forcreatingprogramsandactivitiestocoordinate andimprove FBIandinteragencyeffortsto identify,assess,andrespondtobiological threatsorincidents.These effortsincludeexpandingFBIoutreachtothe Life Sciencescommunitytoaddressbiosecurity.Before beingpromotedtothe Weaponsof Mass DestructionDirectorate,Mr.You was a memberof the FBI Los AngelesFieldOfficeJointTerrorismTaskForce andservedonthe FBI HazardousEvidence Response Team. Mr. You hasalso beendirectlyinvolvedinpolicy-makingeffortswithafocusonbiosecurity.He isan active WorkingGroup memberof the National SecurityCouncilInteragencyPolicyCommittee onCounteringBiologicalThreatsandan Ex Officio memberof the NIH National Science AdvisoryBoardforBiosecurity.He alsoservesontwocommitteesforthe National Academiesof Sciences,the Institute of Medicine’sForumonMicrobial Threatsandthe Committee onScience,Technology,and Law’sForum on SyntheticBiology June Klein , CEO Technology & Marketing Ventures, Inc; Electronic- BoardroomTMVi(r) Solutions; EmpowernatorJune(tm) Next Practices; Chuck and I served as “invite-only, vetted and trusted advisors” to the Bill and Melinda Gates Foundation - Technology Partner Network. Throughout the 2year strategic program, Chuck was a pleasure to collaborate with toward accelerating solutions on a range of global challenges facing the foundation and its grantees. He was generous in sharing his articles in prestigious publications, contacts to DC decision-makers and access to his featured speaker and award events. Currently, I am honored that Chuck choseme to be a manager of his “Emerging & Futuristic Technologies LinkedIn Group”. Chuck has huge followings on social networks and diligently responds to his thousands of friends on focused subject matters. He is a holistic thinker grounded in government, industry and academia leadership. I value any opportunity to work with Chuck to team
  • 108.
    108 with strategic partnersthat can benefit from scaling my IOT, cybersecurity, resiliency and video initiatives. I think very highly of Chuck, bothpersonally and professionally. This is also evidenced by my recommending him to my UK Merchant Bank’s Virtual Technology Cluster as a speaker and director of their Cybersecurity program blending entrepreneurial firm innovations with Lockheed Martin’s productdevelopment process. I am confident that if you hire Chuck for any leadership, director, team, award or speaking slots, he will contribute to catapulting your success and achieving your goals. Besides his many skills, he is a very nice personas well. Feel free to contactme if you want any further evidence. Dexter Ingram Senior Advisor, INTERPOL I have had the pleasure of knowing Chuck for over 10 years, since he was at DHS and I was on the House Select Committee on Homeland Security. He is a consummate professional who has a deep understanding of the issues,process, and people involved in the world of homeland security and Law enforcement. His breadth of experience derived from working on The Hill, in government, in
  • 109.
    109 academia, in industry,and with the media make him truly unique. I most highly recommend Chuck and look forward to continuing working together. Holger Schulze B2B Tech Marketing Entrepreneur | Marketing-as-a-Service Chuck was selected "Cybersecurity Marketer of the Year" at the 2016 Cybersecurity Excellence Awards. This was quite an accomplishment as the awards were highly competitive with hundreds of entries and Chuck was one of the leading vote getters overall. This award reflects the information community's recognition of Chuck's excellence in the cybersecurity and homeland security space. I follow Chuck's prolific and informative writings and speeches on the topics of cybersecurity, homeland security, IoT, futurism, and emerging technologies -- many of which are re-posted in our 300,000 members Information Security Community LinkedIn Group. It a real pleasure to endorse Chuck for his great depth of experience, professionalism, capabilities and for his dedication to promoting cyber security issues. Mike Bowers Former President of Xerox Federal, Federal Government Services Executive & Advisor
  • 110.
    110 It was areal pleasure working with Chuck at Xerox. He served us as a thought leader on technology, BPO, homeland security and other important issues. He has exceptional depth on complex technology issues and an uncanny ability to rapidly write penetrating articles that were very well received in the media and Inside The Beltway. His contacts/relationships at DHS as well as his Rolodex of those in industry and government is second to none and served his BD colleague well. Most of all he was a professional and great person to work with. I give Chuck my highest recommendation. Thomas A. Cellucci, PhD, MBA Founder, Chairman & CEO Cellucci Associates, Inc. It is indeed a distinct pleasure to provide this recommendation for Chuck. To put it simply, Chuck possesses boththe strategic vision and tactical discipline to get results--period. Having said that, his keen intellect is only matched by his genuine good nature and helpful attitude towards others. I would recommend Chuck for any business activity he would undertake.
  • 111.
    111 Herbert E. Spiegel,Ph.D,MBA President & Chief Science Officer at Applied Science & Technology Associates, LLC Chuck is an excellent sourceof information on the national and international scene. He is a mentor of the first order, with respectto the science and political aspects of Homeland Security and the myriad of issues surrounding that discipline. He is modestin his expertise and easily approachable. He is a valuable guide, willing to share his vast experience. Simon Szykman Chief Technology Officer, Federal Services at Attain Chuck and I were colleagues when we were both serving at the Department of Homeland Security. Chuck was a pleasure to work with and is a consummate professional with executive management and substantive issue expertise, particularly in technologies relating to DHS. Chuck also brings a special blend of experience to the table, having successfully served in leadership roles in industry, as well as executive and legislative branches of government. Chuck is a relationship builder, a
  • 112.
    112 "connector" of bothopportunities and people. I highly recommend Chuck and look forward to continuing to work with him in the future. Admiral Jay Cohen President at JayMCohen LLC From my Senate confirmation hearings, through two years of re-inventing the Dept of Homeland Security Science & Technology Directorate (which was described by the Congress in 2006 as a "rudderless ship with no one at the helm" and in danger of the Congress rescinding $200M in FY 07), Chuck Brooks as Director of Legislative Affairs at DHS was INVALUABLE to me, the DHS S&T Directorate, DHS, the Nation AND Congress in making the "reformation" of DHS S&T a complete success. His Hill/DC acumen, insight, reliability, ability to develop highly effective congressional interaction/communications is WITHOUT PEER in my nearly 16 years dealing with senior executive branch officials, industry, academia and the Congress. He has my strongest recommendation for executive positions of high responsibility in government relations/ business development. Hon. Jay M Cohen (Rear Admiral, US Navy, ret.)
  • 113.
    113 George Romas Chief Engineer,Cybersecurity at DXC Technology Chuck spent some quality time with our small startup company. He opened a lot of doors for us, providing introductions to potential investors and partners, as well as well-connected individuals on the Hill. Chuck also provided invaluable assistance in forming our company and productstrategy. Pam Turner Managing Director at Prime Policy Group March 23, 2009, Pam managed Chuck directly Chuck was among the "start-up" team at DHS, and had responsibility for a wide range of complex issues and challenging proceduralsituations. His knowledge of the issues, familiarity with the political process, attention to detail, and his professionalism earned him the trust and respect of his Congressional contacts, his DHS associates, and all those who sought his counsel and help. Chuck is a "can-do" person, and I strongly recommend him. Timothy N. Teen CEO & Board at InSitech, Inc
  • 114.
    114 Chuck is veryknowledgeable in government affairs, the military and security sectorand is a diligent executive who is great to work with. While at the US Army's Picatinny Arsenal/ARDEC as well as with CVP, my team worked closely with Chuck in vetting technologies and services with applications for homeland security and defense. He has an acumen for technology issues, strong knowledge of investment banking/due diligence processes,and really knows his way around government bureaucracies. He is a collaborator who is committed to building great relationship and producing results and I most highly recommend him. Chuck Brooks References: * Admiral Jay Cohen (US Navy Ret), former Undersecretary of Science & Technology and the Department of Homeland Security and former Director of Naval Research for Department of Defense * Hon. Michael Chertoff, former Secretary of Homeland Security * StevenPomerantz, Former Director of Counterterrorism for the FBI
  • 115.
    115 Thursday, June 30, 2016from 8:00 AM to 6:00 PM The Ritz-Carlton Tysons Corner • Learn from Security Experts & Advisors Including: Chuck Brooks Speaking on Panel 1: Protecting the Enterprise from the Growing Risk of Security Breaches as it Relates to the Internet of Things
  • 116.
    116 Meeting: BOARD ONLIFE SCIENCES and BOARD ON CHEMICAL SCIENCES AND TECHNOLOGY Safeguarding the Bioeconomy III Safeguarding the Bioeconomy III: Securing Life Sciences Data Speaker: Charles (Chuck) Brooks serves as the Vice President for Government Relations & Marketing for Sutherland Global Services. Chuck also serves as Chairman of CompTIA’s New and Emerging Technology Committee, and he serves as subject Matter Expert to The Homeland Defense and Security Information Analysis Center (HDIAC), a Department of Defense (DOD) sponsored organization through the Defense Technical Information Center (DTIC). In government, he served at the Department of Homeland Security as the first Director of Legislative Affairs for the Science & Technology Directorate. Chuck also spent six years on Capitol Hill as a Senior Advisor to the late Senator Arlen Specter where he covered foreign affairs, business, and technology issues .In academia, Chuck was an Adjunct Faculty Member at Johns Hopkins University where he taught graduate level students about homeland security and Congress. He has an MA in International relations from the University of Chicago, and a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law. Chuck is widely published on the subjects of innovation, public/private partnerships, emerging technologies, and issues of homeland security and cybersecurity
  • 117.
  • 118.
    118 From “Cybersecurity isTop Business Priority in 2017” https://www.bebee.com/producer/@dbgrinberg/cybersecurity-is-top-business-priority-in-2017 In assessing the severity of security flaws in cyberspace, I spoke with several experts in the field. Charles “Chuck” Brooks is the vice president for government relations and marketingfor Sutherland Government Solutions. He served at DHS as the first director of legislative affairs for the Science and Technology Directorate. He ominously points out: "The reality is that the more digitally interconnectedwe become in our work andpersonal lives, the more vulnerable we become." -- Chuck Brooks Mr. Brooks adds: "Mitigating cyberthreats will grow as a priority for business, and for us personally, if we are to commercially functionand prosper." But how can companies successfully mitigate cyberthreats? His advice: "The C-suites and governingboards of corporations will need to invest in better enterprise and endpoint security toprevent phishing and malware probes by hackers. This will also require better training of executives and employees in basic information securitymeasures."
  • 119.
    119 The Imperative toAddress Security Concerns of the Rapidly Evolving Internet of Things BY CHUCK BROOKS  JAN 20, 2019
  • 120.
    120 The Internet ofThings (IoT) broadly refers to devices and equipment that are readable, recognizable, locatable, addressable and/or controllable via the internet. This includes everything from edge computing devices to home appliances, from wearable technology to cars. IoT represents the melding of the physical world and the digital worked, as sensors are not costly and wireless access is now ubiquitous. These days, if a device can be turned on, it can most likely be connected to the internet. Because of this, data can be shared quickly across a multitude of objects and devices, thereby increasing the rate of communications. According to a recent EY (Ernst & Young) study, Cybersecurity and the Internet of Things, it is estimated that the number of connected devices globally will exceed 50 billion by 2020. Fulfillment of this forecast will give any business, no matter the industry, access to endless amounts of vital, real-time data about their company and customers. Inside and outside the workplace, IoT has the capacity to greatly change the way we work and live. In terms of economic impact, the McKinsey Global Institute estimates that the Internet of Things has the potential to impact economies up to $6.2 trillion annually by the year 2025. Unfortunately, there are some pressing cybersecurity challenges associated with IoT. According to a study conducted in April of 2017 by The Altman Vilandrie & Company, nearly half of U.S. firms using the Internet of Things have experienced cybersecurity breaches. The study surmised that the cost of the breaches represented 13.4% of the total revenues for companies with revenues under $5 million annually and tens of millions of dollars for the largest firms. Nearly half of firms with annual revenues above $2 billion estimated the potential cost of one IoT breach at more than $20 million. The potential of IoT for both the public and private sectors is undeniable. But given the costs of a data breach and frequency of IoT-related security incidents, companies, agencies and consumers also need to understand the cybersecurity risks associated with an increasingly inter-connected global society. The billions of connected devices and trillions of sensors enabling IoT are creating an immense attack surface of insecure endpoints and web interfaces with pervasive vulnerabilities for hackers to exploit. There are estimates that nearly half of all companies in the United States that use an Internet of Things (IoT) network have been affected by a security breach. A recent Federal Trade Commission report called attention to the fact that just 10,000 households can generate 150 million data points daily, which provides a significant number of entry points for hackers. The prevailing perspective from a security operations perspective is that anything can be hacked in the Internet of Things. Most alarming, because of the connectivity of IoT, viruses can spread further and more rapidly. Also, there are unique challenges to IoT devices. Unlike laptops and smartphones, most IoT devices possess fewer processing and storage capabilities. This makes it difficult to employ anti-virus, firewalls and other security applications that could help protect them. At the same time, edge computing intelligently aggregates local data, making it a concentrated target for sophisticated threat actors.
  • 121.
    121 The security challengecomes down to understanding what is connected in the IoT landscape, knowing how to best protect the most important assets and effectively mitigating and remediating a security incidents and breaches. A first step is building this security capability is to create an IoT risk management framework. A risk management approach is fundamental to anything involving security, whether it is physical or digital. IoT combines both those elements. Cybersecurity must address technology, interoperabilit, business, and consumer risk. There are no failsafe solutions, and the task of securing IoT is monumentally difficult, especially as connectivity grows. A viable risk management strategy requires stepping up assessing situational awareness, policies & training, technology integration, information sharing, mitigation capabilities and cyber resilience. An IoT security framework has unique security characteristics and must consider the requirements of changing default passwords on manufactured delivered devices. It should also analyze the impact of segmentation and/or isolation of IoT devices on reducing risk and attack surfaces. The end goal is to optimize solutions and services and determine what level of security is required for implementation. More specifically, the framework should be defined by the most basic elements and best practices in managed risk: layered vigilance (intelligence, surveillance); readiness (operational capabilities, visual command center, interdiction technologies); and resilience (coordinated response, mitigation and recovery). The complexity, diversity and lack of regulations of the IoT ecosystem pose a significant challenge to creating an operational IoT risk management framework. This is especially a concern in the amalgamation of legacy and new technologies in networks. For some time, the creation of standards to protect IoT devices has been a topic of discussion among governments, industry and organizations. It is a difficult quest because manufactures do not share many design elements and metrics, so standards are not easy to establish. Professional associations are attempting to set standards for functional IoT compatibility in the meantime. For example, the IEEE Standards Association is working on creating a cross-domain architectural frame work called the P2413 Standard for an Architectural Framework for the Internet of Things. Another IoT standard is being proposed by the Industrial Internet Consortium (IIC) for critical infrastructure. Yet another IoT standard effort involves the one M2M alliance. The group is developing technical specifications that address the need for a common M2M (machine-to-machine) Service Layer. While standards may or may not be adopted, lessons learned from the discussion can add to creating a more efficient security posture. Recently, the United States Government Accountability Office issued an assessment of the status and security issues surrounding the Internet of Things. The GAO identified the following type of attacks as primary threats to IoT:
  • 122.
    122  Denial ofService  Malware  Passive Wiretapping  Structured query language injection (SQLi controls a web application’s database server)  Wardriving (search for Wi-Fi networks by a person in a moving vehicle)  Zero-day exploits Ransomware (in conjunction with malware) would be a good add to the GAO list. A variant of ransomware called “WannaCry” spread swiftly in 2017 and 2018, reaching over 100 countries and infecting over 200,000 computers. WannaCry disrupted government entities and many organizational and company networks that have connectivity to IoT. The Department of Homeland Security (DHS) and National Institute of Standards and Technology (NIST) also have released new security guidelines for the Internet of Things. This was done after a massive distributed denial-of-service attack targeted devices and shutdown many popular websites like Twitter and Etsy in 2016. The adoption of a common set of standards for manufactures and providers, combined with the promotion of security best practices, will help bring a higher level of security for IoT devices. Unfortunately, the longer the wait, the more difficult it will be to implement a compliance framework that allows for patching and auditing as well as tracking threats. IoT attacks will likely never be fully prevented, but there is an assortment of policies and technology tools that can help. These measures include machine learning and artificial intelligence and threat automation using real-time and predictive analytics. Also, IoT security is should include elements of access control, credential verifications, encryption and hardening of systems, applications and endpoints. As a society on the verge of unparalleled exponential connectivity, we are entering unchartered digital territory. New risks and unforeseen issues will no doubt confront us as the Internet of Things continues to evolve and expand. To address the potential perils of IoT, we need to develop working standards, build IoT security risk frameworks and develop emerging technologies to mitigate and remediate cyber-attacks. Security of IoT must be more than a priority; it needs to be an imperative.
  • 123.
  • 124.
    124 Leadership Role SuitsDHS in Cybersecurity Evolution May 29, 2018 by Chuck Brooks
  • 125.
  • 126.
  • 127.
    127 U.S. Immigration andCustoms Enf orcement’s Homeland Security Inv estigations Cy ber Crimes Unit helps track down those committing crimes in cy berspace. Here an ICE agent scans a suspect hard driv e. (ICE photo) Last month the Department of Homeland Security (DHS) unveiled its new cybersecurity strategy. DHS characterizes the strategy as providing “the Department with a framework to execute our cybersecurity responsibilities during the next five years to keep pace with the evolving cyber risk landscape by reducing vulnerabilities and building resilience; countering malicious actors in cyberspace; responding to incidents; and making the cyber ecosystem more secure and resilient.” In the strategy document, DHS cybersecurity goals for the next five years are succinctly stated:  “Goal 1: Assess Evolving Cybersecurity Risks. We will understand the evolving national cybersecurity risk posture to inform and prioritize risk management activities.  Goal 2: Protect Federal Government Information Systems. We will reduce vulnerabilities of federal agencies to ensure they achieve an adequate level of cybersecurity.  Goal 3: Protect Critical Infrastructure. We will partner with key stakeholders to ensure that national cybersecurity risks are adequately managed.  Goal 4: Prevent and Disrupt Criminal Use of Cyberspace. We will reduce cyber threats by countering transnational criminal organizations and sophisticated cyber criminals.  Goal 5: Respond Effectively to Cyber Incidents. We will minimize consequences from potentially significant cyber incidents through coordinated community-wide response efforts.  Goal 6: Strengthen the Security and Reliability of the Cyber Ecosystem. We will support policies and activities that enable improved global cybersecurity risk management.  Goal 7: Improve Management of DHS Cybersecurity Activities. We will execute our departmental cybersecurity efforts in an integrated and prioritized way.” Clearly, DHS has taken another step in fortifying its role as the lead civilian agency in the federal government for cybersecurity. DHS’s responsibility to protect against cyber threats has evolved significantly from early days of the department and its creation under the Homeland Security Act of 2002.
  • 128.
    128 The DHS MissionVision and Strategic Goals were crafted shortly after its legislative inception. Succinctly, the mission: “We will lead the unified national effort to secure America. We will prevent and deter terrorist attacks and protect against and respond to threats and hazards to the Nation. We will ensure safe and secure borders, welcome lawful immigrants and visitors, and promote the free flow of commerce.” The vision: “Preserving our freedoms, protecting America … we secure our homeland. Strategic Goals: Awareness, Prevention, Protection, Response, Recovery, Service, Organizational Excellence.” Fifteen years ago, CBRNE – Chemical, Biological, Radiological, Nuclear, and Explosives – were the threats of top concern of the mission vision and strategic goals. Cybersecurity was on the agenda and was a key focus along with interoperable communications. Because of the exponential growth of the internet of things, mobile devices, big data, and digital commerce, cybersecurity has grown immensely as a key priority while DHS has assumed more of a formal government role in the civilian cyber arena. A predominant reason for the enhanced focus on cybersecurity has been the rapid changes in the information technology landscape. Since 2002, the capabilities and connectivity of cyber devices and communications have grown exponentially. So have the cyber intrusions and threats from malware and hackers, requiring restructuring of priorities and missions. The cyber threat reaches far beyond ISIS and al-Qaeda, and includes hacktivists, various organized criminal enterprises and adversarial nation-states. In the past few years, a prime target of cyber intrusions has been the nation’s critical infrastructure, such as financial systems, chemical plants, water and electric utilities, hospitals, communication networks, commercial and critical manufacturing, pipelines, shipping, dams, bridges, highways and buildings. These incidents are not sector-specific and represent a challenge to preparation, budget and technical resources. A change in these risk environments has corresponded with a heightened DHS collaboration with other agencies, and especially the private sector stakeholders who own most of the nation’s vital infrastructure. DHS has had to step up assessing situational awareness, information-sharing and resilience research and development plans with these stakeholders to mitigate risk and protect critical infrastructure and key resources.
  • 129.
    129 In the pastfew years, a prime target of cyber intrusions has been the nation’s critical infrastructure, such as financial systems, chemical plants, water and electric utilities, hospitals, communication networks, commercial and critical manufacturing, pipelines, shipping, dams, bridges, highways and buildings. In a recent speech at the 2018 Critical Infrastructure Summit, Secretary Kirstjen Nielsen also spoke to her cybersecurity priorities. Those priorities include addressing systemic risk and catastrophic risk through the collective defense model where government and industry work closer together, especially in the area of information sharing. Protecting the civilian federal cyber systems and strengthening the cybersecurity of the election infrastructure are also DHS critical cybersecurity priorities. DHS’s integral role in cyber preparedness, response and resilience are now accepted by other federal agencies, including the leadership of the defense and intelligence agencies. Retired Gen. Keith Alexander, former commander of USCYBERCOM and former director of the National Security Agency (NSA), noted recently that it is appropriate to put DHS in “the middle” of the issue. DHS, as a civilian agency, should take a leading role in safeguarding the nation’s cybersecurity preparedness. The Department of Defense (DoD) retains responsibility for offensive cybersecurity capabilities, including cyber warfare. A change in these risk environments has corresponded with a heightened DHS collaboration with other agencies, and especially the private-sector stakeholders who own most of the nation’s vital infrastructure. DHS has had to step up assessing situational awareness, information sharing and resilience research and development plans with these stakeholders to mitigate risk and protect critical infrastructure and key resources. There are multiple executive policy components that clarify DHS’s heightened role in the federal cybersecurity arena. The original enforcement authority in cybersecurity was spelled out under the Homeland Security Act (Section 2010) and reinforced by Homeland Security Presidential Directive 7 (HSPD-7), which stipulated that DHS “serve as a focal point for the security of cyberspace.” Subsequently, President George W. Bush established the Comprehensive National Cybersecurity Initiative (CNCI), pursuant to HSPD-23/NSPD-54. The CNCI laid the foundation for setting goals to meeting the full spectrum of cyber threats and many of the current policies stem from that initiative.
  • 130.
    130 In July 2010,the Office of Management and Budget (OMB) assigned DHS the primary responsibilities for overseeing the federal-wide information security program and evaluating its compliance with the Federal Information Security Management Act of 2002 (FISMA). DHS is responsible for overseeing the protection of the .gov domain and also for detecting and responding to malicious activities and potential threats. DHS is also charged with annually reviewing the cybersecurity programs of all federal departments and agencies. The federal interagency Quadrennial Homeland Security Review (QHSR), which recognizes that DHS missions are “enterprise-wide and not limited to the Department of Homeland Security,” provided affirmation of OMB’s declaration. In 2010, DHS and DoD signed a landmark memorandum of agreement to protect against threats to critical civilian and military computer systems and networks. The DoD acknowledgement of DHS’s centrality in cybersecurity issues made a statement that the services would agree to DHS leadership and cooperate in spite of potential opposition from some in the intelligence community. In October 2012, President Obama issued Executive Order 13618 (and later Executive Order 13636), corresponding to Presidential Policy Directive-21 (PPD-21), which further provides an approach to developing standards and enhancing information sharing with critical infrastructure owners and operators. To better protect the federal cyber space, DHS deployed an automated cyber surveillance system called EINSTEIN 2 that monitors federal Internet traffic for malicious intrusions and provides near real-time identification of malicious activity. Interagency committees are also being established to coordinate detection and protection efforts to federal infrastructure across more than 15 agencies. In May 2017, President Trump issued an executive order on “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” According to DHS, the executive order builds on DHS’s legal authorities, directing the department to assess and report on a number of key actions in order to secure federal networks. While each department or agency is responsible for the cybersecurity of its networks, DHS leads these efforts and ensures a baseline level of security across the civilian executive branch. A report in response to the executive order listed five complementary goals that would improve the resilience of the ecosystem:
  • 131.
    131  Identify aclear pathway toward an adaptable, sustainable, and secure technology marketplace  Promote innovation in the infrastructure for dynamic adaptation to evolving threats  Promote innovation at the edge of the network to prevent, detect, and mitigate bad behavior  Build coalitions between the security, infrastructure, and operational technology communities domestically and around the world  Increase awareness and education across the ecosystem The underlying theme of the most recent proclamations is that they encourage private/public sector collaboration and are voluntary in nature. Over a dozen legislative proposals are now being considered in Congress to delineate regulatory impact and liabilities under such collaboration. It is unclear when, or whether, such legislation will actually be enacted. In the meantime, existing presidential and OMB directives create the operating framework, and the private sector is being relied upon more as a strategic partner. DHS has come a long way since 2002 and has elevated its technological and organizational capabilities in confronting security and terrorist threats. There has been great progress since the creation of DHS in many critical areas. This includes better security methods, detection technologies, and intelligence sharing in transportation security, particularly in aviation. Better training, inter-jurisdictional coordination and secure & interoperable communications for first responders. New predictive analytics and technologies to combat pandemics and biological, chemical, and explosive threats. And creation of enterprise cybersecurity monitoring, threat awareness and detection, and private/public partnering to protect critical infrastructures. No longer on the back burner, cybersecurity is a major challenge to the nation’s economic and security welfare. It will require continued dedication, public/private sector cooperation and leadership for DHS to continually fulfill its growing leadership role.
  • 132.
    132 Visiting Editor Chuck Brooks ChuckBrooks is the Principal Market Growth Strategist -- Cybersecurity and Emerging Technologies for General Dynamics Mission Systems. He is also an Adjunct Professor at Georgetown University in the Graduate Applied Intelligence Program teaching Risk Management. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn” out of their 500 million members. He has published more than 150 articles and blogs on cybersecurity and technology issues. In both 2017 and 2016, he was named “Cybersecurity Marketer of the Year by the Cybersecurity Excellence Awards. Chuck’s professional industry affiliations include being the Chairman of CompTIA’s New and Emerging Technology Committee, and as a member of The AFCEA Cybersecurity Committee. In government, Chuck has served at The Department of Homeland Security (DHS) as the first Legislative Director of The Science & Technology Directorate at the Department of Homeland Security. He served as a top Advisor to the late Senator Arlen Specter on Capitol Hill covering security and technology issues on Capitol Hill. In academia,
  • 133.
    133 Chuck is anAdjunct Faculty member at Georgetown University in their Applied Intelligence Program was an Adjunct Faculty Member at Johns Hopkins University where he taught a graduate course on homeland security for two years. He has an MA in International relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law. Chuck Brooks LinkedIn Profile: https://www.linkedin.com/in/chuckbrooks/ Chuck Brooks on Twitter:@ChuckDBrooks ---------------------------------------------------------------------------------------------------------- Chuck Brooks wins Marketer of the Year at Cybersecurity Excellence Awards Thu, 2017-02-09 01:49 PM
  • 134.
    134 Chuck Brooks, VicePresident at Sutherland Government Solutions, and Chairman of The New Emerging Technologies Committee for CompTIA, was named winner of Cybersecurity Marketer of The Year at the 2017 Cybersecurity Excellence Awards. The 2017 Cybersecurity Excellence Awards recognize companies, products and individuals that demonstrate excellence, innovation and leadership in information security. The finalists and winners were selected based on the strength of their nomination and the popular vote by members of the Information Security Community (both ratings and comments). “Congratulations to Chuck Brooks for winning the Cybersecurity Marketer of the Year category in the 2017 Cybersecurity Excellence Awards,” said Holger Schulze, founder of the 350,000 member Information Security Community on LinkedIn which organizes the awards program. “With over 450 entries, the 2017 awards are highly competitive. All winners and finalists reflect the very best in leadership, excellence and innovation in today's cybersecurity industry.” Chuck's thought leadership writings on cybersecurity have helped shape the public policy debate as he is respected in industr y, in the Federal Government, academia, and on Capitol Hill. He has been a force in discussing, a dvocating, promoting cybersecurity issues across digital media, at events, in professional forums, and with a variety of public policy organizations. He has been a leading evangelist for cybersecurity, homeland security, and emerging technologies in both the public and private sectors. He was selected by LinkedIn as “One of the Top 5 Tech People to Follow On LinkedIn” by LinkedIn. He has been a featu red speaker at numerous events and conferences. He recently presented at a workshop sponsored by The National Academies of Sciences, Engineering, and Medicine and the Federal Bureau of Investigation on Securing Life Sciences Data. He recently spoke at George Washington University event about the Cyber Threat Spectrum, will be participating soon at USTRANSCOM Seni or Leader Cyber Security Roundtable. Chuck has authored numerous articles focusing on cybersecurity, homeland security and technology innovation for many publications including Forbes, Huffington Post, The Hill, Federal Times, IT Security Planet, Bizcataly st 360, Next Gov, Alien Vault, Gov Tech, MIT Sloan Blog, Government Security News, and Brink. Chuck is a pioneer in social media with over 32,000 followers on LinkedIn and a global following and has brought significant attention to cyber issues from his fr equent posts and commentaries. He has been involved as a judge for the past four years as a Judge for Government Security News’ Annual Homeland Security Awards . As a senior executive in government relations, marketing, and management, Chuck brings a unique experience from service in the public sector, academia, and industry. He serves on a variety of boards, many of them philanthropic. He brings a substantive Brooks
  • 135.
    135 knowledge on abroad range of cyber issues and a special subject matter expertise of cybersecurity and homeland security in government that have benefited both the not-for-profit, public, and commercial sectors. Chuck is one of the original “plank holders” at the Department of Homeland Security (DHS). Admiral Jay Cohen, former Under Secretary for Science & Technology at DHS stated “Chuck Brooks. as Director of Legislative Affairs at DHS, was INVALUABLE to me, the DHS S&T Directorate, DHS, the Nation AND Congress in making the "reformation" of DHS S&T a complete success. His Hill/DC acumen, insight, reliability, ability to develop highly effective congressional interaction/communications is WITHOUT PEER in my nearly 16 years dealing with senior executive branch officials, industry, academia and the Congress.” Dexter Ingram, Senior Advisor to Interpol, said the following about Chuck “he is a consummate professional who has a deep understanding of the issues, process, and people involved in the world of homeland security and Law enforcement. His breadth of experience derived from working on The Hill, in government, in academia, in industry, and with the media make him truly unique.” Chuck worked for many years on Capitol Hill for the late Senator Arlen Specter and covered national security, foreign affairs , and technology issues. He also was a member of the Adjunct Faculty at John Hopkins University where taught homeland security for two years. He has advised a multitude of organizations including the Bill & Melinda Gates Foundation, The Cyber Resilience Institute, and the Center for Advancing Innovation. He also serves as Chairman of CompTIA’s New and Emerging Technologies Committee, and is a member of the AFCEA Cybersecurity Committee. He is on the Board of Advisors for CyberTech, and on the Board of Directors at Bravatek, and the Cyber Resilience Institute. He is an advisor to R & D cybersecurity company Inzero Systems. He is a subject Matter Expert to The Homeland Defense and Security Information Analysis Center (HDIAC), a Department of Defense (DoD) sponsored organization through the Defense Technical Information Center (DTIC. Chuck also serves as a Christian Science Monitor “Passcode Influencers Panel member” on Information Security. He has a BA from DePauw University and an MA from the University of Chicago. -----------------------------------------------------------------------------  Christian Science Monitor’s Passcode Influencers gathered from 120 experts from across government,the private sector, research, and the privacy advocacy community
  • 136.
    136 Navigating the fourpillars of Washington By Chuck Brooks, contributor Washington is an eclectic city. It is a metropolis that is thriving economically and socially. Its architectural design is modeled after Paris and it is certainly a city of cultural diversity and historically interesting neighborhoods. Visually, the site of the monuments reflecting against the panoramic backdrop of the Potomac River is memorable for both visitors and native Washingtonians alike. It is really a city like no other city in America. Although it may be geographically small, Washington serves as the engine of government, an anchor of global financial policy and representation, a seat of institutionalized policymaking organizations, and as a growing center for business, especially in high tech. When I first came to Washington, I was overwhelmed by the intensity of life "inside the Beltway." I was enamored with all it had to offer ("Potomac Fever") but uncertain how to navigate it and decipher how things worked. Looking back, I would like to offer structure and pathways for others contemplating a public service career or seeking to accomplish tangible objectives for policy and/or business purposes in the nation's capital. There are four pillars that comprise the foundation of the operational world of Washington: government (executive, judicial and legislative branches); commercial (business, including global financial institutions; policy: (academia, think tanks and associations/organizations); and media (old and new).
  • 137.
    137 These pillars functionboth individually and collectively. They are intertwined and to be effective, it is essential to understand their roles and impact on what you hope to accomplish. Understanding and gaining experience within these pillars that comprise the operational system of Washington takes focus and time. Success can be realized by navigating the pillars and establishing a strategy of strategic relationship building and connecting. Government: There has never been any doubt that government and politics make Washington tick. Government is not only the basis for tens of thousands of jobs in the area, but it also serves as the fulcrum for evolving and communicating domestic and international policies. Government is the center for laws and executive orders overseeing all aspects of our daily life and our professions. The Pentagon, intelligence agencies, and Department of Homeland Security are all based in Washington because it is the epicenter of power and decision-making. Government in Washington is by design structured as a system of check and balances. An understanding of how the various branches of government function is essential to influencing any regulatory outcome whether it be energy, healthcare or a national security issue. Working on Capitol Hill is invaluable experience and connects to all the pillars and is a special pedigree for mobility in one's career. Commercial: Although it is not a financial center like New York, Washington has been transforming over the years as a commercial hub. The World Bank, Federal Reserve, International Financial Corporation and the Chamber of Commerce are some of the organizations headquartered in the city. Many corporations have also relocated to the area to be near the action and position themselves for government and commercial opportunities. Both Virginia and Maryland have established high-tech corridors close to the city for those reasons. The international community with their embassies and trade groups increasingly see Washington as a growing center for commerce. Policy: It is not only the pillars of business and government that are cogs in the machine. Policy organizations (such as the Center for Strategic and International Studies, the Brookings Institution, the Heritage Foundation, the American Enterprise Institute and the Aspen Institute) that provide issue expertise, training and solutions are really the enabling fuel. A myriad of think tanks offer the latest insights in domestic and global events on a regular basis. Top local universities (such as Johns Hopkins's School of Advanced International Studies, George Washington, Georgetown, American, George Mason, and Maryland), also promote dialogue and informed decision-making and access. The
  • 138.
    138 over 6,000 associationsand organization with issue specific interests regularly outreach to key decision– makers who are part of the public and private sector pillars. Strategic communications and thought leadership are integral tools for persuasion. Media: The media are disseminators of information, with the duty to circumspect the activities of the other three pillars. The media's role is a fundamental one; any system of democratic government cannot operate without transparency and oversight. In Washington, most of the country's key media outlets have representation. Outside traditional old media, new media has become a force to consider. Most citizens have constant access and the metrics of public opinion are constantly pulsed. Corporate executives and government leaders use the social media, especially LinkedIn, Facebook and Twitter as part of their work environments. Government 2.0 and Business 2.0 are becoming the norms. Working in one or all of the pillars is helpful in terms of building issue expertise, contacts and gaining a holistic perspective of how Washington really works. This experience can provide the tactical knowledge to advance your marketing efforts and/or cause in the public/private world. There is no substitute for experience and for building a personal network to be empowered and effective. To be successful, you have to always keep abreast of the latest trends and be visible and helpful to your customer. In the Washington arena, you also have to develop the qualities for resilience and persistence as no one is always on the winning side of issues and contracts. Washington will always have its image challenges and be an enigma as to how it functions, especially to those who have never experienced life inside the Beltway. Exploring and experiencing the four pillars will bring an understanding of how to navigate a path to success for those who come to this amazing city to make a difference and leave a positive legacy. ---------------------------------------------------------------------------------------------------------------- Chuck Brooks on Cybersecurity: The Weakest Link Will Always Be the Human Element
  • 139.
    139 Cybersecurity expert ChuckBrooks talks about where we stand in what many people call the "wild, wild west" of cybersecurity. http://www.govtech.com/dc/articles/Chuck-Brooks-on-Cybersecurity-The-Weakest-Link-Will-Always-Be-the- Human-Element.html BY LARRY KARISNY / MARCH 1, 20160 If you're in the cybersecurity business, you know the name Chuck Brooks. He is an advisor to the Bill and Melinda Gates Foundation Technology Partner Network,chairman of CompTIA's New and Emerging Tech Committee, subject matter expertto the Homeland Defense and Security InformationAnalysis Center, “passcode influencer” for The Christian Science Monitor, on the Board of Advisors for CyberTech, and on the Board of Directors at Bravatek and the Cyber Resilience Institute. Brooks also has authored numerous articles focusing on cybersecurity,homelandsecurity and technology innovation for such publications as Forbes, Huffington Post,InformationWeek, MIT Sloan Blog, Computerworld, Federal Times, NextGov,Government Security News, Cygnus Security Media, Homeland SecurityToday,The Hill and Government Executive. I recently got a chance to get Brooks' take on where we are today in what many people call the "wild, wild west" of cybersecurity. Here are his thoughts. Q. You wear manyhats and certainlyhave been focused on cybersecurity for some time now. So tell me, whois ChuckBrooks and whatis he trying to accomplish this space? A. You are right, over my career in government, corporate and academia,I have worn many hats. There have been some strong common threads [of] science, technology, national security,and legislative and
  • 140.
    140 executive policy inall my various roles. Thankfully,I selected a professional vocation of government relations and marketing that encompasses all those threads. My passion for cybersecurity issues was first established over a decade ago during the time I spent at the Department of HomelandSecurity’s Science and Technology Directorate. Back then, the threats to our critical infrastructure were not as pronounced as they are today. Of course we were just beginning to experience the smartphone era. The field of cybersecurity has evolved exponentially alongwith the technologies, networks and connectivity that make up the cyberecosystem. And the ecosystem is quite diverse and expansive, comprising software,hardware, monitoring, forensics,governance andmore. All these elements make it an exciting area to explore since there is always more to learn from strategy and technology perspectives. Also, it certainly blends my common career threads. For anyone’s career focus, studying cybersecurity makes [sense] since it touches everything work- or personal-related. In both the publicand private sectors — just about every CIO survey — cybersecurity is the top concern. And of course, along with data analytics, cybersecurity is a annually a budget priority of federal spending. DHS Secretary Jeh Johnson recently described cybersecurity and counterterrorism as the two top priorities for the protecting the homeland. What I want to accomplish in this space is to continue being a subject matter expert in cybersecurity; I enjoy writing and speaking aboutthe varied aspects of the topic and especially in educating others on how it can impact their lives. My advisory and board director roles with organizations are a reflection of that interest. When I retire (which is a long way off), I hope to join academia again in a part-time role. I spent two years at Johns Hopkins University SAIS [School of Advanced International Studies] teaching graduate students homeland security and foundit very fulfilling.
  • 141.
    141 Q. You haveone of the most active groups in LinkedInunder theheadingof the Departmentof Homeland Security.How has this helped both yourself and DHS in feeling thepulse of the cybersecurity industry? A. I do operate a half dozen groups that focus on homeland security and information security on LinkedIn, including a few of the largest groups: “U.S.Department of Homeland Security, DHS” “Information Technology (Homeland& National Security)” and “Homeland Security.” In all, these groups include about 60,000people. Among the members are a host of well-known cybersecurity professionals who often post and comment on issues of the day. Also, as any news on data breaches or cyberincidents occur, they are often posted in the LinkedIn groups. Moderating these groups certainly keeps me updated and in tune with the pulse of policy. It has also served as a great networking venue to share ideas and information with some of the best security minds around in both the private and federal sectors. Many senior-level executives in the federal government are on social sites such as LinkedIn, GovLoop, Facebook and Twitter. There are an estimated 1.5 million federal government employees who regularly use LinkedIn, including over 65,000from DHS. Because of the growing need for public/private-sector collaboration and interface, being actively involved in social media makes a lot of sense. Q. What is Sutherland Government Relations and what do you do for the company? A. Sutherland Global Services is a global provider of business processing services, contact centers, IT service desks and management consultingserving government and U.S.leadingcorporations across multiple industries, including healthcare and insurance, technology, mortgage and loan services, finance and banking,retail,and travel. Sutherland has 36,000employees and annual revenues of over $1.2 billion, [and] was listed in 2015 as one of the fastest growing private companies in America byInc. I work for the recently created Sutherland Government Solutions as VP of Government Relations and Marketing, where we are at several agencies and are known for integrated services for citizen service
  • 142.
    142 needs and digitalgovernment. Our cybersecurity operations at SutherlandGovernment Services are internal, but we do have a practice in customer relations management after a company or agency has been breached. Our cybersecurity practice is led by Glenn Schoonover who has a deep technical background.He is a former chief information security officer for the Army and was responsible for providing network security to the Department of the Army headquarters. He is also a former senior technology strategist for Worldwide National Security and Public Safety at Microsoft. Q. I see you are activein both the public and private sectors when it comes to cybersecurity. What are the similarities and differences between these two sectors? A. The biggest difference is that government is motivated by mission, and the private sector (for the most part) is driven by profit and loss. The R&D efforts, innovation sector and skilled technical expertise in the private sector has been more robust than in government. Industry is more agile and able to react to threat trends. On the federal side, the landscape has really changedover the past few years. [The U.S. Departmentof Defense], of course, has had the cybersecurity war-fightingmission and continues to build upon new requirements for operations and for systems. On the civilian side, DHS takes an increasingly larger role in cybersecurity. Presidential and congressional directives have mandated thatDHS play a growing and more primary role, especially with protecting critical infrastructure (transportation, health, energy, finance) that is mostly owned by the private sector. DHS has to step up its activities in assessing situational awareness, informationsharing,and resilience research and development plans with stakeholders. This has led to a trend in public-private partnering for sharingthreat information and in creating standards and protocols.In both the public and private sectors, trainingof the next- generation cybersecurity technical and policy [subjectmatter experts] is a major priority. Q. To date,thereseems to be a stand-off between Apple and the federal government when it comes to iPhone security.What are your thoughts on this,and can this bring aboutsome lessons learned for the cybersecurity industry?
  • 143.
    143 A. This isthe topic of the day, and it is a complicated issue relating to government requesting a corporation to provide software to allow access to data. My thoughts may be a bit different from some of the others in the industry. While I recognize the importance of privacy and the dire risk of an Orwellian surveillance state,I consider protecting innocentlives as a mitigating circumstance. What if that data that the FBI is seeking on the terrorist's encrypted phone uncovers a deeper terrorist network planning more horrific acts? In my opinion, this is a mitigating circumstance. What should be done is to establish protocols between industry and law enforcement to cooperate in these type of instances (with proper warrants and assurances) so that company Internet protocolcan be isolated and privacy issues for the company’s customers can be best addressed. I am quite sure Congress will be looking closely at this case to establish legislation to create a working formula.The lesson for cybersecurity is that there is a balance between privacy and security thathas to be constantly reviewed in accordance withthe threats at hand. Q. With billions of Inernet of Things devices on the near horizon and zetabytes of data projected by2020,can we secure and control our digital processes,or are we headed for a digital train wreck? A. According to Gartner, there will be nearly 26 billion networked devices on the Internet of Things (IoT) by 2020. Moreover, it will keep expanding as the cost of sensors decreases and processing power and bandwidthcontinue to increase. The fact is that most of these IT networks will have some sort of an IoT-based security breach.We could be headed for a digital trainwreck if IoT security standards are not adopted. We may have a digital train wreck even if they are adopted. Standards will have to be developed industry by industry. Protecting a network of medical devices in a hospital will require different sets of standards than protecting utilities with SCADA [supervisory control and data acquisition] systems that make up the electric grid. There are a lot of questions, including who enforces compliance? And what are the liabilities of an IoT breach? CYBERSECURITY EXPERT CHUCK
  • 144.
    144 BROOKS' MASTER LISTOF CYBERSECURITY TECH AREAS, PRIORITIES AND EMERGING TRENDS Emerging Technology Areas: // Internet of Things // Wearables // Drones and robots // Artificial intelligence // Smart cities // Connected transportation // Quantum computing Priorities: // Protecting critical infrastructure through technologies and Public/Private cooperation // Better encryption and biometrics (quantum encryption, keyless authentication) // Automated network-security correcting systems (self-encrypting drives) // Technologies for “real-time” horizon scanning and monitoring of networks // Diagnostics and forensics (network traffic analysis, payload analysis and endpoint behavior analysis) // Advanced defense for framework layers (network, payload, endpoint, firewalls and antivirus)
  • 145.
    145 The real dangeris that the Internet was not built for security at its inception; it was built for connectivity. There is some truth to the notion that your network may someday be betrayed by your toaster or refrigerator. One thing is for sure: the Internet of Things will pose many challenges to cybersecurity and data analytics, muchof which we have yet to contemplate. Q. You've had theopportunity to review many cyberdefense technologies. Are we really finding new solutions that can handle this explosion of digital processes,or are we still playing the game of catch-up and patch-and- pray cybersecurity? A. New solutions are continually evolving with threats, but there will always be a need for better encryption, biometrics, analytics and automated network security to protect networks and endpoints. It is a perpetual game of cat and mouse between hackers and protectors, and there is really no such thing as being invulnerable. In a sense, we are continually playing catch-up andreactingto the last incident with patches. The weakest link will always be the human element. However, there are many new interesting technologies that could significantly impact cybersecurity in the near future. There are technologies and algorithms coming out of the national labs, government,and from private-sector R&D and startups thathave the potential to be disruptive. // Mobility and BYOD security // Big data // Predictive analytics // Interoperability Trends: // Informed risk management // Emergence of public/private sector partnerships // More information sharing and collaboration between the public and private sectors // Shared R & D spending // Increased spending for cloud computing // Consolidation of data centers // Expansion of hiring and training of cybersecurity workforce // Tech foraging
  • 146.
    146 Q. Any finalcomments? And are there any speakingengagements or events you are participating in that you would like to announce? Could you also offer a good source for information on the subject of cybersecuritythat you would suggest for our readers? A. Please check my regular posts in the media and social media, join my LinkedIn groups and follow me on Twitter @ChuckDBrooks.I do have some future blogs with the National Cybersecurity Institute on my agenda. Also, in addition to social media, whichI highly recommend, there are many excellent outlets for cybersecurity information including the HomelandDefense and Security Information Analysis Center. A great site that aggregatedcybersecurity news daily is The CyberWire. Larry Karisny is the directorof Project Safety.org, an advisor, consultant, speaker and writersupporting advanced cybersecurity technologies in both the public and privatesectors.