Likes on articles
About the author
Kathleen Moriarty, Chief Technology Officer, Center for Internet Security has over two decades of experience. Formerly as the Security Innovations Principal in Dell Technologies Office of the CTO, Kathleen worked on ecosystems, standards, and strategy. During her tenure in the Dell EMC Office of the CTO, Kathleen had the honor of being appointed and serving two terms as the Internet Engineering Task Force (IETF) Security Area Director and as a member of the Internet Engineering Steering Group from March 2014-2018. Named in CyberSecurity Ventures, Top 100 Women Fighting Cybercrime. She is a 2020 Tropaia Award Winner, Outstanding Faculty, Georgetown SCS. Kathleen achieved over twenty years of experience driving positive outcomes across Information Technology Leadership, IT Strategy and Vision, Information Security, Risk Management, Incident Handling, Project Management, Large Teams, Process Improvement, and Operations Management in multiple roles with MIT Lincoln Laboratory, Hudson Williams, FactSet Research Systems, and PSINet. Kathleen holds a Master of Science Degree in Computer Science from Rensselaer Polytechnic Institute, as well as, a Bachelor of Science Degree in Mathematics from Siena College. Kathleen authored "Transforming Information Security: Optimizing Five Concurrent Trends to Reduce Resource Drain", published July 2020.
To prevent attacks, there's a push for multi-factor authentication. This is a vital step and should be considered if your organisation hasn't yet made the transition. But while MFA adds protections, how you implement single sign-on, authorisation, and/or federation requires consideration.
Let’s say you’re tasked with selecting a strong authentication solution for your organisation. Where do you begin? This article is the first of a series that will explore authentication and authorisation technologies in the context of recent exploits and developing trends.
With various types of attacks utilising managed service providers to gain access to multiple targets, it's important to ask how those service providers can help improve security for enterprise environments. Although taking measures in this area requires a lot of effort, the recent increase in attac…
The Center for Internet Security (CIS) recently published an updated version of the CIS Controls. CIS Controls v8 helps organisations break the zero trust journey down into achievable steps that are prioritised in a meaningful way.
Recent Day One attacks have demonstrated how difficult it can be for organisations to react when vulnerabilities are announced.
Attestation…simplified! This post explains how attestation can provide system-level remediation and resiliency. It can be conducted remotely and at scale, ensuring transparency of compliance with industry security controls and benchmarks.
In the third of this series of guest posts, Kathleen Moriarty talks about the importance of posture assessment - the process of evaluating organisation or system security - and looks at solutions for simplifying that process that could help organisations achieve higher levels of trusted assurance.
In the second of a series of guests posts on information security, Kathleen Moriarty of the Center for Internet Security (CIS) takes a close look at the benefits of zero trust architectures and what their increased adoption means for the industry.
In the first of a series of guest posts, Kathleen Moriarty of the Center for Internet Security (CIS) examines five vital trends that are guiding the industry toward better information security.
The second Coordinating Attack Response at Internet Scale workshop (CARIS2) met earlier this year to discuss changes to infrastructure and monitoring as on-the-wire or transport encryption becomes stronger (for example, TLS 1.3 and QUIC) and ubiquitous.