This page contains a Flash digital edition of a book.
McBorrough is not a federal employee. He works on a con- tract providing cyber security expertise at federal government agencies currently.


He is the holder of an alphabet soup of credentials. They in- clude a bachelor of science degree in computer engineering and a master’s degree in information security and assurance, both from George Mason University; a CISSP (Certified Informa- tion Systems Security Professional); CRISC (Certified in Risk and Information Systems Control); CISA (Certified Information Systems Auditor); and as a CEH (Certified Ethical Hacker). McBorrough, 35, is also the author of a June 2012 article on “The Need for Improved Critical Infrastructure Protection” for InfosecIsland.com, “an online community, InfoSec portal.” As an independent consultant, he provides cyber security advisory services to business owners and managers in technol- ogy, health and financial industries, and is also on the technical advisory board of ISC8, a California-based security technologies company. He teaches a security policy course at the University of Maryland University College, and a security architecture course at Northern Virginia Community College. The Liberian-American is dead-serious when commenting on protecting the infrastructure, as citizens depend on access to clean water, electric power, transportation and other services. Yet those systems are increasingly connected to and dependent on network communications. That link and dependency is on networks connected to the Web that are not secure or reliable posing significant risk.


The online link puts power plants, nuclear plants and simi- lar facilities command centers clicks away from hackers globally who want to disrupt or end service. The incidents, he says, include energy sector threats from countries including China, Russia and Iran.


Public/private agreement to counter attack is vital as many facilities are privately-owned and managed. If that occurs, gov- ernment eases regulations and companies invest in security both sides benefit, he says, but that likelihood doesn’t look promising. McBorrough believe the next challenges are in cloud computing, big data and mobility. Organizations struggle to how to take advantage of the benefits of moving to the cloud and maintain levels of security of and control over their data. Big data is swamping companies as they generate millions of log entries across their networks and systems daily. Security professionals will benefit from analyzing that information to gain intelligence into security environment within organizations. Increasingly mobile workforces also force organizations to adjust their security practices, but data resides in every type of device, and on the cloud. Plus, some organizations may allow the use of personal devices at work creating creates new chal- lenges to networks and data.


Beyond the academic qualifications and qualifications, McBorrough says it is vital to be able to use “soft skills to com- municate risks, threats and vulnerabilities as well as make a


www.blackengineer.com


business case for why the benefits of improved security out- weigh the costs.” McBorrough’s has five tools he thinks will assist students and novice security professionals can use to hone their craft: First are free Linux distributions with tools for both offen- sive and defensive security. Two are BackTrack ( www.backtrack-linux.org), a great


suite of tools, for those interested in penetration testing and forensics, and Samurai Web Testing Framework ( www.samurai. ingaurdians.com), a pre-configured Web penetration testing envi- ronment.


Finally, McBorrough says, it is crucial to find a mentor in an area that you like. He locked into the cyber security after working as an intern at what is now Online Resources Co. That launching pad also turned him into a tech evangelist teaching college level cyber security courses and making speeches on the subject to business groups.


“Security is ultimately about people. My goal has always been to increase education and awareness,” he said.


USBE&IT I WINTER 2012 71


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78  |  Page 79  |  Page 80  |  Page 81  |  Page 82  |  Page 83  |  Page 84  |  Page 85  |  Page 86