Computer Crime Research Center

cybercrime/8892.jpg

Cybersecurity expert and Cheshire resident dispenses advice

Date: July 27, 2015
Source: Computer Crime Research Center
By: Charles Kreutzkamp Special to the Record-Journal

HAMDEN — Quinnipiac University chief information security officer Brian Kelly knows about keeping information safe from hackers.

In the movies, cybersecurity experts run to cut hard lines to main frames and battle viruses that display flashing skulls on monitors. The day-to-day work of a cybersecurity expert is not as exciting.

The public usually hears about cybersecurity when there has been a breach.

“We’re winning all the time,” Kelly said, but it only takes one breach to expose private data.

“Awareness is big,” in keeping yourself safe, said Kelly, a Cheshire resident.

One of the most common methods to gain access to private information is through phishing, getting users to voluntarily disclose their passwords through deception.

Norton, maker of popular antivirus programs, advises that users be wary of emails asking for confidential information, and never type their passwords into forms embedded in email messages or click links in emails unless they are sure they are authentic.

“These days we see some really sophisticated phishing campaigns,” Kelly said.

Kelly said it also helps to keep software up to date. He recommends using the software Secunia to check for out of date software. It is free to home users.

Kelly was recently honored by being appointed to the 2015-16 Cybersecurity Canon Induction Committee. He explained that The Cybersecurity Canon, sponsored by Palo Alto Networks, seeks to help create a standard baseline of knowledge for the relatively new cybersecurity industry. Books range from technical manuals to history and even popular literature, such as “The Girl With the Dragon Tattoo” by Stieg Larsson.
“The Cybersecurity Canon was created to identify a list of must-read books for all cybersecurity professionals,” Rick Howard, Palo Alto Networks’ chief security officer and 2015-16 Cybersecurity Induction Committee chairman, said in a statement. “These are books in which the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and that, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.”

Books in the canon must portray significant history or milestones, or describe technical details in ways that “do not exaggerate the craft,” according to a press release.

For Kelly, the canon is the first step toward developing standards that modern systems need. He compares this generation of computers to early cars – not all of them have seat belts and airbags, and there are no crash test ratings.
“We don’t have seatbelts standard. We haven’t gotten to the point yet where systems are inherently secure,” he said.

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo