News

Why Attend?

If you must present a case to your supervisor, use this document as a starting point. Emphasize the immediate and long-term benefits of attending the Sunshine Cyber Conference for your team and organization. Investing in professional development today will help safeguard your organization tomorrow!

Why Attend?2025-01-27T13:26:51-05:00

No Password Required Podcast Special Episode – Tanya Janca

No Password Required Podcast Special Episode - Tanya Janca

Tanya Janca, widely known as SheHacksPurple, is the Head of Community and Education at Semgrep and the best-selling author of Alice and Bob Learn Application Security. With over 25 years of experience in coding and IT, Tanya has become a leading advocate for secure software practices.
Her highly anticipated sequel, Alice and Bob Learn Secure Coding, takes a deeper dive into building secure software from the ground up. This new book equips developers with practical techniques to integrate security at every stage of the development process. Tanya’s passion for teaching secure practices stems from her extensive career, which began in the Canadian government. Starting as a software developer, she later transitioned to election security and served as the IT Security Coordinator (CISO equivalent) for the 42nd General Election in Canada. Driven by her mission to “secure all the things,” Tanya continues to inspire and empower the global developer community, ensuring that security becomes a foundational element of software development.

You can follow Tanya Janca on LinkedIn here: https://www.linkedin.com/in/tanya-janca/
You can follow Tanya Janca on Twitter here: @shehackspurple
You can learn more about Semgrep Academy here: https://academy.semgrep.dev/

No Password Required Podcast Special Episode – Tanya Janca2025-01-23T15:14:31-05:00

chat:CYBR Podcast Episode 8: Bryan Langley

In this episode of chat:CYBR, hosts James Jacobs and Jordan Deiuliis are joined by Brian Langley from Cyber Florida to discuss the Critical Infrastructure Protection Program. They explore the importance of critical infrastructure, the findings from a comprehensive risk assessment, and the challenges faced by sectors in cybersecurity.

chat:CYBR Podcast Episode 8: Bryan Langley2025-02-18T12:18:47-05:00

Strengthening Florida’s Cybersecurity with the Cyber Risk Assessment

Cybersecurity has become a critical priority for organizations across public and private sectors. Recognizing this need, Cyber Florida has developed the Florida Cyber Risk Assessment (FCRA), a no-cost, confidential cybersecurity risk assessment aligned with NIST Cybersecurity Framework (CSF) 2.0. The FCRA is designed to assist critical infrastructure (CI) organizations in identifying and mitigating cybersecurity risks, complying with best practices outlined in the Florida Cyber Act (Statute 282.318), and building resilience against cyber threats.

What is the Florida Cyber Risk Assessment?

The FCRA is a Florida-specific adaptation of the Cyber Security Evaluation Tool (CSET®) developed by Idaho National Lab. It incorporates 106 NIST CSF questions and 48 Ransomware Readiness Assessment (RRA) questions, providing a structured approach for organizations to strengthen their cybersecurity frameworks. Participants can generate customized reports to enhance their cyber defense strategies and align with legal and regulatory requirements.

Addressing Gaps in Florida’s Critical Infrastructure Sectors

Recent FCRA assessments have revealed significant cybersecurity gaps within Florida’s CI sectors:

  • Lack of Response and Recovery Plans: 50% of CI providers lack robust response and recovery plans.
  • Weak Authentication Practices: Half of CI organizations do not use Multi-Factor Authentication (MFA).
  • Inconsistent Partner Audits: While 39% conduct response planning with third-party providers, only 48% regularly audit these partners’ cybersecurity practices.
  • Limited Training Programs: 49% lack formal cybersecurity training programs beyond basic awareness.
  • Unclear Management Responsibilities: Nearly half of providers do not have assigned cyber-management responsibilities, with 49% lacking a Chief Information Security Officer (CISO).
  • Infrequent Incident Response Exercises: Only 48% of organizations conduct biannual incident response tabletop exercises.
  • Undefined Risk Tolerance: Just 53% of CI providers have clearly defined their risk tolerance, highlighting a critical gap in risk management strategies.

Enhancements and Tools to Support Cybersecurity

To address these challenges, Cyber Florida has implemented or is developing several tools and initiatives:

  • Entry and Mid-Level Assessments:
    • A 20-question entry-level assessment evaluates organizations’ protections based on the top 20 areas of concern.
    • A 38-question mid-level assessment measures cybersecurity maturity against CISA Cybersecurity Performance Goals (CPGs).
  • Maturity Modeling: A maturity index based on the Multi-State Information Sharing and Analysis Center (MS-ISAC) template helps organizations benchmark their cybersecurity practices.
  • AI-Driven Resource Mapping Tool: In development, this innovative tool generates summaries from NIST 800-53 for all 106 CSF questions. Users will be able to efficiently create comprehensive cyber plans, including governance, incident response, and recovery plans.
  • Workshops: A series of cybersecurity presentations aimed at raising awareness and educating CI organizations in both the public and private sectors.

New Tools and 2025 Initiatives

Cyber Florida continues to innovate and expand its efforts to enhance cybersecurity across the state. Notable initiatives include:

  • Florida CI Mapping Pilot Project (Cyber-Bulls-I): A first-in-the-nation resource to help CI sectors address cyber risks, meet legal requirements, and build future compliance capacity. This tool provides risk reduction resources tailored to Florida’s sectors, risks, needs, and vulnerabilities.
  • Enterprise Data Management Platform: A forthcoming platform designed to identify grant, research and development, and policy opportunities for Florida’s CI sectors.
  • Visualization and Dashboard Tools: New tools for state leadership to monitor and address cybersecurity challenges effectively.
  • Workforce Development Initiatives: These include a new mapping tool to support small business and defense industry growth.

The Path Forward

With its comprehensive approach and cutting-edge tools, the Florida Cyber Risk Assessment is paving the way for a stronger cybersecurity posture across Florida’s critical infrastructure sectors. Organizations adopting the FCRA’s recommendations and utilizing its resources will be better equipped to protect themselves against evolving cyber threats and ensure compliance with industry standards and legal mandates.

Cyber Florida remains committed to fostering a secure, resilient, and innovative cyber environment for Florida. For more information or to participate in the FCRA, visit https://cyberflorida.org/cip/ today.

Strengthening Florida’s Cybersecurity with the Cyber Risk Assessment2025-01-17T12:42:18-05:00

GNSI Tampa Summit | The Russia-Ukraine War: Lessons for Future Conflicts

The Russian invasion of Ukraine has created a sharp evolution, if not a revolution, in modern conflict and wartime strategy. Emerging technologies and innovative strategies such as drone employment, information operations, social media, and battlefield medical treatment have featured prominently and will impact how combatants around the world approach future conflict. How can we expect these lessons to be applied, and how should U.S. national policy address these changes?

In cooperation with the USF College of Arts and Sciences, the Institute for Russians, European, and Eurasian Studies and the United States Central Command, GNSI Tampa Summit 5 will bring together the country’s boldest scholars, subject matter experts, and policymakers to probe deeply into those questions and many more.

General (Ret) Frank Mckenzie

Executive Director, GNSI, University of South Florida and former commander of U.S. Central Command

John Kirby

White House National Security Communications Advisor

Olga Chiriac, PhD

Project Europe Director, Irregular Warfare Initiative

Ambassador (Ret) Bill Taylor

Vice President, Europe and Russia, USIP and former U.S. Ambassador to Ukraine

David Kramer

Executive Director, George W. Bush Institute

Peter Pomerantsev

Senior Fellow, SNF Agora Institute, Johns Hopkins University

These are just a few of the all-star lineup of speakers. Additional discussions:

• Ukraine Strategic Lessons

• Drones in Modern War: Land, Sea and Air

• The Impact on Europe and NATO

Deep Dive Breakout Sessions are Back!

• Medical Treatment in War

• Russian/Iranian/North Korean Cooperation

• Civilians in War

GNSI Tampa Summit | The Russia-Ukraine War: Lessons for Future Conflicts2025-03-06T14:40:03-05:00

Zabrina Mcintyre — Director and Cybersecurity Advisor at KPMG and Rain Culture Authority

No Password Required Podcast Episode 55 — Zabrina Mcintyre

Zabrina Mcintyre — Director and Cybersecurity Advisor at KPMG and Rain Culture Authority

Zabrina Mcintyre is a Director and Cybersecurity Advisor at KPMG, where she leverages her diverse expertise in cybersecurity, risk management, and strategic project leadership.

She brings a unique blend of creativity and expertise to her work by combining a Master of Arts (MA), Art Business, a specialized MBA program with international focus with extensive professional experience in the creative and cybersecurity industries. She has worked at three major animation studios, bringing a fresh perspective to her role in cybersecurity.

A passionate advocate for women in cybersecurity, Zabrina serves as a founding member and past president of the WiCyS Western Washington Affiliate. She continues to contribute to the industry as a board member of the National Women in Cybersecurity (WiCyS) BISO Affiliate. Additionally, she is known for her unique understanding of rain culture, shaped by her time living in the rainy cities of Seattle and London.

The show begins with Jack Clabby of Carlton Fields, P.A., joined by resident cybersecurity expert Kayley Melton, analyzing a new U.S army initiative to support small businesses in meeting cybersecurity requirements and ensuring a secure and resilient network of partners critical to national security.

Follow Zabrina Mcintyre on LinkedIn: Zabrina Mcintyre

Zabrina Mcintyre — Director and Cybersecurity Advisor at KPMG and Rain Culture Authority2024-12-30T09:35:56-05:00

chat:CYBR Podcast Bonus Episode: Ernie Ferraresso

In this episode of chat:CYBR, hosts James Jacobs and Jordan Deiuliis welcome Ernie Ferraresso, the Director of Cyber Florida, to discuss the organization’s achievements over the past year and plans for the future. They delve into the impact of Cyber Florida’s programs, including the Sunshine Cyber Conference and Cyber Launch events, and highlight the importance of the cybersecurity education and workforce development initiatives that Cyber Florida is engaged in.

chat:CYBR Podcast Bonus Episode: Ernie Ferraresso2025-02-18T12:19:03-05:00

chat:CYBR Podcast Episode 7: Frank Cilluffo

In this episode of chat:CYBR, host James Jacobs and co-host Jordan Deiuliis engage with Frank Cilluffo, director of Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security. They discuss the Cyberspace Solarium Commission’s role in shaping U.S. cybersecurity policy, the recent report ‘Securing America’s Digital Future,’ and the importance of viewing cybersecurity as integral to economic competitiveness.

chat:CYBR Podcast Episode 7: Frank Cilluffo2025-02-18T12:19:18-05:00

CONTACT US

Cyber Florida at USF
4202 E. Fowler Avenue, ISA7020
Tampa, FL 33620

Office meetings by appointment only

PRIVACY POLICY

Copyright 2024 The Florida Center for Cybersecurity at the University of South Florida. Information on this website is made available for general educational purposes only and should not be used in lieu of obtaining competent legal advice from a licensed attorney or cybersecurity professional with sufficient expertise necessary to address your specific needs. Use of this website does not create any special or fiduciary relationship between you and the Florida Center for Cybersecurity or the University of South Florida.