Cyber Florida

About Cyber Florida

So far Cyber Florida has created 83 blog entries.

2020-2021 Annual Report

As it was for so many around the world, 2020-2021 was a year of change at the Florida Center for Cybersecurity (Cyber Florida). In addition to navigating the pandemic, the introduction of new leadership ushered in a bolder vision for the Center with high-reaching objectives designed to position Cyber Florida on the national stage. A comprehensive review of resources, structure, and mission areas culminated in an ambitious three-year Strategic Plan with well-defined goals aligned to our three mission pillars: education, research, and outreach. We were part of three grant awards from the federal government that brought nearly $8 million in funding to the state of Florida, including funding for free workforce training for veterans and first-responders! 

Some of the key achievements from 2020-2021 include:

  • Retooling the University of South Florida’s M.S. in Cybersecurity into four new master’s degree programs to more effectively address employer needs
  • Implementing Operation K12: a highly successful initiative in partnership with the Florida Center for Instructional Technology that has infused cybersecurity hygiene and career awareness curricula into public schools throughout Florida and created numerous pathways for K-12 students to spark and encourage interest in cybersecurity careers
  • Partnering with DC-based think-tank New America to create a national Cyber Citizenship Education program to combat the rising threat of mis- and disinformation online
  • Funding rapid research projects to investigate how COVID-19 misinformation spread via social media in the early weeks of the pandemic, how the public used social media to seek health-related information, and cybercrime victimization stemming from COVID-19
  • Landing three grant projects to support the National Security Agency’s Centers of Academic Excellence in Cybersecurity (CAE-C) program by providing leadership support for the Southeast Region; designing and implementing a national workforce development program, CyberSkills2Work, as part of a 10-member consortium; and creating a national collegiate cyber competition for the CAE Community with a focus on encouraging newcomers to the field, particularly those from underrepresented groups
  • Adding staff resources to enhance our role in enabling and facilitating state-of-the-art research across the State University System of Florida (SUS) by capturing more grant opportunities, bringing more research dollars to Florida, and leading a series of research-focused events
  • Introducing a public policy aspect to our outreach mission area to effect change at the state and national level, advocating for legislative and budgetary support to improve the overall cybersecurity posture of our citizens, organizations, and nation-at-large
  • Bringing together an incredible roster of distinguished thought-leaders for a major virtual conference hosted on behalf of U.S. Central Command examining the United States’ role in cyberspace through the lens of the ‘Great Power Competition’
  • Creating a Governing Council of dean-level representatives from across the SUS to guide and support our efforts
  • Conducting several successful public outreach campaigns—one in partnership with the Florida Secretary of State to raise awareness about voting misinformation—on matters of public cyber safety

2020-2021 Annual Report | 2021-10-01T23:56:19-04:00

Evelyn Curry

Evelyn Curry is an M.B.A candidate. Her career started in the United States Air Force, where she specialized in the logistics and security of nuclear missiles. In her civilian career, she has specialized in governing technical infrastructures and mitigating organizational risks. She joined Cyber Florida as a Senior Business Analyst in 2020 with a focus on promoting sustainability and operational excellence through Organizational Change Management. Today, she serves as the Associate Director of Cyber Operations and Analytics.

Evelyn Curry | 2025-01-29T12:07:45-05:00

Kate Whitaker

Kate Whitaker is a senior communications professional with over 25 years of experience in higher education, nonprofits, and government. Specializing in communicating complex scientific and technical ideas and information to various audiences, Ms. Whitaker is an expert in program development, project management, digital media, media relations, and internal and external communications. Throughout her career, she has spearheaded a variety of comprehensive branding, fund-raising, and event and program outreach campaigns across multiple channels to a spectrum of stakeholders. She holds a BA in English and an MBA in Management.

At Cyber Florida, she leads a team of talented professionals who promote the center’s activities and accomplishments and conduct statewide public awareness campaigns, events, and programs to encourage better cyber-self-defense among organizations and individuals.

Kate Whitaker | 2025-01-24T12:40:11-05:00

Ernie Ferraresso

As the senior director of Cyber Florida, Ernie drives the organization’s strategic vision while overseeing the center’s day-to-day operations. He started with Cyber Florida in 2017 as associate director of programs and partnerships and brings decades of technology expertise and leadership experience to his role.

Prior to Cyber Florida, Ernie worked for a small technology design and integration firm as the Director of Operations, overseeing the design and implementation of cybersecurity and emergency operations center technology solutions in the U.S. and throughout Latin America.

He is a retired U.S. Marine Intelligence Officer who served in the U.S. and abroad. His work included assignments with the U.S. Special Operations Forces, the intelligence community, the George C. Marshall European Center for Security Studies, and U.S. Cyber Command.

Ernie Ferraresso | 2025-01-24T12:42:13-05:00

General (Ret.) Frank McKenzie

General (Ret.) Kenneth F. “Frank” McKenzie, Jr. became the Executive Director of the University of South Florida’s Global and National Security Institute in May 2022. In July 2022, he also became the Executive Director of the Florida Center for Cybersecurity, also known as Cyber Florida.

He is the former Commander, United States Central Command. A native of Birmingham, Alabama, upon graduation from The Citadel in 1979, General McKenzie was commissioned into the Marine Corps and trained as an infantry officer.

He has commanded at the platoon, company, battalion, Marine Expeditionary Unit (MEU), and component levels. As a lieutenant colonel, he commanded First Battalion, Sixth Marines. As the Commanding Officer of the 22d MEU (SOC), he led the MEU on combat deployments to Afghanistan in 2004 and Iraq in 2005-06. In 2006-07 he served as the Military Secretary to the 33rd and 34th Commandants of the Marine Corps.

Upon promotion to Brigadier General in July 2007, he served on the Joint Staff as a Deputy Director of Operations within the National Military Command Center. In June 2008, he was selected by the Chairman of the Joint Chiefs of Staff to be the Director of the Chairman’s New Administration Transition Team (CNATT). In this capacity, he coordinated the efforts of the Joint Staff and the combatant commands in preparing for and executing a wartime transition of administrations.

In June 2009, he reported to the International Security Assistance Force (ISAF) in Kabul, Afghanistan, to serve as the Deputy to the Deputy Chief of Staff (DCOS) for Stability. Upon his return from Afghanistan, in July 2010, he was assigned as the Director, Strategy, Plans, and Policy (J-5) for the U.S. Central Command. In August 2012, he reported to Headquarters Marine Corps to serve as the Marine Corps Representative to the Quadrennial Defense Review. In June 2014, he was promoted to Lieutenant General and assumed command of U.S. Marine Corps Forces, Central Command.

In October 2015, he was assigned to the Joint Staff to serve as the Director, J-5, Strategic Plans and Policy, Joint Staff.

In July 2017, he was named the Director, Joint Staff. General McKenzie was promoted to the grade of General and assumed command of U.S. Central Command (CENTCOM) in March 2019. He relinquished command of CENTCOM and retired from the Marine Corps on 1 April 2022, completing over 42 years of service.

General McKenzie is an honors graduate of the Armor Officer Advanced Course, Marine Corps Command and Staff College, and the School of Advanced Warfighting. He was selected as a CMC Fellow in 1999, and served as a Senior Military Fellow within the Institute for National Strategic Studies at the National Defense University. He has a master’s degree in teaching with a concentration in history. He is currently the President of the Board of Directors of the Institute of Applied Engineering at the University of South Florida, a Distinguished Senior Fellow on National Security at the Middle East Institute, a Member of the International Advisory Committee of the National Council on U.S.-Arab Relations, and a Member of the National Security Advisory Council, U.S. Global Leadership Coalition. He is the Hertog Distinguished Fellow at the Jewish Institute for the National Security of America (JINSA) Gemunder Center for Defense and Strategy.

General (Ret.) Frank McKenzie | 2025-03-13T14:26:55-04:00

Preparing for a Ransomware Attack – 10 Tips

Criminals have always targeted financial chokepoints. In the past, this was in the form of storage facilities and transports of valuable items. Nowadays, reliance on technology and data for business operations has created a “single point of failure” for most organizations. Information System outages can completely inhibit even the most basic operations.

Ransomware is a targeted form of malware that aims to “lock” data and systems within an environment in order to extort a payment. This attack method has grown into a criminal industry of its own, complete with support staff, payment portals, and malware engineers. By targeting organizations of all sizes and industries, ransomware has become a persistent and existential operational threat. Unfortunately, there is no known method to 100% prevent ransomware from affecting an organization. The best thing an organization can do to reduce the impact of ransomware is to implement a comprehensive cybersecurity plan, ranging from prevention to response.

1. Preventative Cybersecurity Controls

Perhaps the most well-known cybersecurity practice on this list is also one of the most important. By preventing ransomware from running on systems, there is very little need for recovery. No single control will be completely effective against all strains of ransomware, and standard Anti-Virus is fighting an uphill battle to remain relevant as cybercriminal tactics expand.

Example Tools and Services:

  • Anti-Virus Software
  • Endpoint Detection and Response Solutions
  • Application Whitelisting Solutions

2. Detecting Ransomware

Detection of ransomware can be critical in the early stages of spreading. Often, ransomware is delivered via phishing emails or other malicious files that contain “first level” drops, which call out to a home server for the final malware package. Detection during these early phases can prevent a complete network encryption. Solutions that rely on detecting ransomware early usually require urgent manual remediation before the threat actors expand their hold.

Example Tools and Services:

  • Security information and event management (SIEM)
  • Security Operations Center (SOC)
  • Endpoint Detection and Response Solutions
  • Dark Web Scanning and Assessments (Detect Leaked Data and Passwords)

3. Incident Response Planning

Incident response planning is usually underemphasized in a system security plan. Protecting the network can only get an organization so far. An attacker only has to get lucky once. Whenever the worst does occur, best practice dictates that a plan should be in place. Not every organization is expected to have the skills, team, and resources to deal with a cybersecurity incident. However, having a pre-defined contact (outsourced) and budget to deal with these events should be at the top of any disaster planning agenda.

Example Tools and Services:

  • Internal Incident Response Team
  • Outsourced Incident Response “on retainer”
  • Established Incident Response Guidance

4. Disaster Recovery and Disaster Recovery Services

Disaster recovery services are different than simple backups. Disaster recovery planning and services are the “next level” of backup, emphasizing rapid business operation recovery in the event of a disaster such as ransomware. These services often utilize specialized tools that enable remote hosting and rapid temporary infrastructure deployment in order to immediately resume business operations while the incident response takes place.

Example Tools and Services:

  • Internal Disaster Recovery Planning with backup infrastructure
  • Disaster Recovery as a Service (Outsourced)

5. Centralized Management of Assets

Centrally managing assets is a key aspect of a complete cybersecurity and IT posture. By monitoring asset health (drive status, CPU usage, account activity, etc.), IT staff can detect anomalies indicative of a threat. Remote management capabilities enable incident responders to rapidly audit devices and control endpoints where needed. Without central management of devices, ransomware is much more difficult to deal with on an emergency timeline.

Example Tools and Services:

  • Remote Monitoring and Management Tool
  • Outsourced IT and Cybersecurity Management
  • Specialized Endpoint Security Solutions with Central Management

6. Defense-in-Depth Security Planning

Comprehensive security planning relies on a principle known as Defense-in-depth. By segmenting networks and implementing robust and redundant controls around each sensitive asset in a variety of categories, organizations can ensure that systems are protected by a diverse suite of controls. Ransomware would then need to breach several layers of defenses in order to successfully propagate.

Example Tools and Services:

  • Internal Risk Map and System Security Plan
  • Outsourced Cybersecurity Services
  • Detailed Network Map with Projected Threat Vectors

7. Threat Intelligence Feeds

Knowing the current threats facing an industry can be a significant advantage when evaluating risk. Certain ransomware groups target specific industries such as finance, construction, government, education, healthcare, etc. By staying informed on the tactics, techniques, and procedures (TTP) utilized within groups targeting an industry, relevant controls can be utilized and configured to prevent these attacks.

Example Tools and Services:

  • Custom Threat Intelligence Feed
  • Outsourced Threat Intelligence
  • Internal or Outsourced Managed Cybersecurity

8. Cybersecurity and IT Audits

Audits are key to detecting gaps within a cybersecurity posture. Whether these audits are performed by an external or internal party, their importance cannot be overemphasized. A comprehensive picture of an organization’s network can reveal glaring holes in policy or controls, enabling an effective plan of action to be created.

Example Tools and Services:

  • Annual Third-Party Cybersecurity Audit
  • Vulnerability Scans and Penetration Tests

9. Monitored and Aggressive Patching

Aggressive patching of critical security flaws in applications and operating systems is one of the most effective steps that can be taken to reduce the risk of a ransomware attack. Very often, ransomware exploits a recently discovered vulnerability in a system to spread rapidly within a network. By monitoring the patch status of devices and pushing patches on an aggressive timeline, the worming behavior of ransomware can be stopped cold.

Example Tools and Services:

  • Remote Monitoring and Management Solutions
  • Managed Cybersecurity and Patching Services
  • Automated Windows Patching and Compliance

10. Cyber Insurance

If an organization were to follow all of the recommendations above and still get affected by an irreversible ransomware attack, cyber insurance would be the key to avoiding financial ruin. These insurance agencies provide coverage based on assessed risk and will help recover from the financial effects of a successful attack.

Due Diligence

Through all these recommendations, one overall question should rise to the front of any organization’s leadership: Are we doing everything we can to prepare for ransomware? Attacks are happening on an unprecedented scale, specifically affecting critical government infrastructure and small businesses. It is no longer optional – take the necessary steps now to prepare for a ransomware attack before it is too late.


We are pleased to share this guest post from Scarlett Cybersecurity, a Florida-based leading cybersecurity provider whose mission is to simplify cybersecurity for organizations of all sizes. To learn more about Scarlett Cybersecurity, visit www.scarlettcybersecurity.com.

Preparing for a Ransomware Attack – 10 Tips | 2024-07-26T16:01:45-04:00

Florida Ransomware Incidents 2016-2019

Prepared by University of South Florida graduate students, this report provides an in-depth analysis of 18 high-profile ransomware incidents targeting Florida public sector entities between 2016-2019. This technical analysis reviews the targets, suspected perpetrators, and tactics used to conduct the attacks. The information gathered is useful for ransomware researchers and security analysts looking for patterns and commonalities among targets and tactics to aid in preventing future attacks.

Florida Ransomware Incidents 2016-2019 | 2024-09-10T13:36:58-04:00

Cybersecurity: Are Florida’s Governments Ready?

In 2019, Cyber Florida in partnership with the Florida League of Cities, the Florida Local Government Information Systems Association, and others conducted a survey of county and municipal IT managers to determine how prepared they feel they are to respond to and recover from a cyberattack and what the chief obstacles are to become better prepared and more resilient. The outcome was shared with local and state government leaders to help inform decision-making, budgeting, and future legislative initiatives.

Cybersecurity: Are Florida’s Governments Ready? | 2024-09-10T13:40:17-04:00

Cybersecurity for Local Government

Cybercriminals frequently target municipal and county government organizations knowing they have limited resources for cybersecurity, but a wealth of data. Government organizations also often provide critical public services that, should they go offline, create chaos and a sense of urgency that cybercriminals can leverage for payment. This non-technical, easy-to-read guide is intended for public service managers to better understand how to plan for, prevent, and mitigate cyberattacks.

The guide reviews a number of common threats facing municipal and county government organizations, school districts, and law enforcement agencies (with real-world examples) and some affordable, easy-to-implement best practices that can help significantly reduce organizational cyber threat risk.

Cybersecurity for Local Government | 2022-02-12T16:13:51-05:00