Matthew Rosenquist

Cybersecurity insurance is a rapidly growing market, swelling from approximately $13B in 2022 to an estimated $84B in 2030 (26% CAGR), but insurers are struggling with quantifying the potential risks of offering this type of insurance.

Cybersecurity is one of the most important—and least talked-about—business issues today. But how can you prepare your organization against the threat of a devastating attack? Join instructor and cybersecurity expert Matthew Rosenquist as he identifies the five biggest mistakes made by cybersecurity organizations, regardless of their size or stature.

Explore the power of learning from others’ mistakes to improve your ability to manage digital risk. Find out what happens with inexperienced… Show more

Cybersecurity is one of the most important—and least talked-about—business issues today. But how can you prepare your organization against the threat of a devastating attack? Join instructor and cybersecurity expert Matthew Rosenquist as he identifies the five biggest mistakes made by cybersecurity organizations, regardless of their size or stature.

Explore the power of learning from others’ mistakes to improve your ability to manage digital risk. Find out what happens with inexperienced leadership, deprioritized strategic thinking, failing to optimize for threats, insufficient organizational teamwork, and failing to maximize value. Matt brings a wealth of cybersecurity knowledge gleaned from over three decades of industry experience, showing you how to manage risk more effectively so you can avoid costly blunders. Show less

Featured Article: The Next Great Challenge for CISOs

I am honored to be recognized! Cybersecurity is truly a team effort at a strategic level, either we all work together or the threats will tear us down piecemeal! Every person, no matter their role, can play an important part in making digital technology trustworthy and keeping the Internet secure, private, and safe.

Technology is taking center stage in a debate between national security and individual privacy. Governments are challenging encryption practices and requesting backdoors to products, to the concern of many companies and customers. The debate is heated and at risk are unintended consequences. Matthew Rosenquist, Intel’s cybersecurity strategist, provides insights and recommendations. He wants rational thoughts, facts, and for the global community to gain from a long term understanding of the… Show more

Technology is taking center stage in a debate between national security and individual privacy. Governments are challenging encryption practices and requesting backdoors to products, to the concern of many companies and customers. The debate is heated and at risk are unintended consequences. Matthew Rosenquist, Intel’s cybersecurity strategist, provides insights and recommendations. He wants rational thoughts, facts, and for the global community to gain from a long term understanding of the challenges before decisions are made. Everyone wants security and privacy. The challenge is finding the optimal balance. Show less

As we race to embrace technology, we make ourselves increasingly vulnerable to cyber attacks. This is a calculated risk we all take. But recently, the threat has evolved in ways both startling and inventive. Whereas a few years ago hackers had focused on crashing websites or harvesting data, a new type of attack—an “integrity” attack—quietly compromises the internal workings of companies or organizations, allowing criminals to pilfer exorbitant sums of money with minimal fuss. As these methods… Show more

As we race to embrace technology, we make ourselves increasingly vulnerable to cyber attacks. This is a calculated risk we all take. But recently, the threat has evolved in ways both startling and inventive. Whereas a few years ago hackers had focused on crashing websites or harvesting data, a new type of attack—an “integrity” attack—quietly compromises the internal workings of companies or organizations, allowing criminals to pilfer exorbitant sums of money with minimal fuss. As these methods become more popular, our desperate need for trained cybersecurity professionals to combat them becomes more acute.

Motherboard spoke with Matthew Rosenquist, a cybersecurity strategist and Intel Evangelist with over 20 years of experience, about the evolving methods of attackers and what we can do to defend ourselves in this digitally intertwined world. Show less

Intel IT hopes enterprises can use our Insider Threat Field Guide to understand and prioritize insider threats to further improve enterprise security strategies.

Cybersecurity Industry quarterly threat report and 5-year retrospective

Cybersecurity is poised for a notorious year. The computer security industry had a tumultuous 2014, with significant breaches, compromises, and vulnerabilities permeating the news. Governments, businesses, and huge swaths of everyday people were affected. In the next twelve to eighteen months will see even greater, bolder, and more complex attacks emerge.

This year’s installment for the top computer security predictions highlights how the threats are advancing, outpacing defenders… Show more

Cybersecurity is poised for a notorious year. The computer security industry had a tumultuous 2014, with significant breaches, compromises, and vulnerabilities permeating the news. Governments, businesses, and huge swaths of everyday people were affected. In the next twelve to eighteen months will see even greater, bolder, and more complex attacks emerge.

This year’s installment for the top computer security predictions highlights how the threats are advancing, outpacing defenders, and the landscape is becoming more professional and organized. New targets will emerge and the expectations of security will rise. As the industry changes, there will be struggles, setbacks, victories, and surprises. Although the view of our cybersecurity future is obscured, one thing is for certain, it will be an exciting ride. Show less

As the chapter of 2012 has come to a close and the blank pages of 2013 open before us to be written, it is time once again to look into the future and predict what the next 12 months hold for the cyber and information security domain.

Whitepaper: Increasingly, healthcare organizations are realizing the value of risk assessments as much more than a regulatory or compliance checkbox. Risk assessments also bring a targeted and measured approach to privacy and security. Risks can be mitigated through application of safeguards until the residual risks are below the acceptable level set by the organization. Risk assessments can be improved with attention to threat agents, for example internal Curious or Disgruntled Healthcare… Show more

Whitepaper: Increasingly, healthcare organizations are realizing the value of risk assessments as much more than a regulatory or compliance checkbox. Risk assessments also bring a targeted and measured approach to privacy and security. Risks can be mitigated through application of safeguards until the residual risks are below the acceptable level set by the organization. Risk assessments can be improved with attention to threat agents, for example internal Curious or Disgruntled Healthcare Workers, or external Prescription Fraudsters. This guides budget allocation to highest priority risks, and avoids information privacy and security becoming a budgetary black hole.
Show less

Intel IT has developed a threat agent risk assessment (TARA) methodology that distills the immense number of possible information security attacks into a digest of only those exposures most likely to occur. This methodology identifies threat agents that are pursuing objectives which are reasonably attainable and could cause unsatisfactory losses to Intel.

It would be prohibitively expensive and impractical to defend every possible vulnerability. By using a predictive methodology to… Show more

Intel IT has developed a threat agent risk assessment (TARA) methodology that distills the immense number of possible information security attacks into a digest of only those exposures most likely to occur. This methodology identifies threat agents that are pursuing objectives which are reasonably attainable and could cause unsatisfactory losses to Intel.

It would be prohibitively expensive and impractical to defend every possible vulnerability. By using a predictive methodology to prioritize specific areas of concern, we can both proactively target the most critical exposures and efficiently apply our resources for maximum results. The TARA methodology identifies which threat agents pose the greatest risk, what they want to accomplish, and the likely methods they will employ. These methods are cross-referenced with existing vulnerabilities and controls to pinpoint the areas that are most exposed. Our security strategy then focuses on these areas to minimize efforts while maximizing effect. Show less

Intel developed a defense-in-depth strategy to optimize information security using interlocking prediction, prevention, detection and response capabilities. It is a structure designed to support consistent and comprehensive security controls throughout the organization while allowing flexibility needed to manage risk.

It promotes continual improvement, maturity of security services, and adaptability to evolving threats. At Intel, proliferation of the defense in depth methodology has… Show more

Intel developed a defense-in-depth strategy to optimize information security using interlocking prediction, prevention, detection and response capabilities. It is a structure designed to support consistent and comprehensive security controls throughout the organization while allowing flexibility needed to manage risk.

It promotes continual improvement, maturity of security services, and adaptability to evolving threats. At Intel, proliferation of the defense in depth methodology has resulted in more efficient business decisions. The fundamental aspects allows for consolidation of support resources, helps highlight alternative methods for managing risk, aligns programs across environments, and keeps focus on achieving optimal security. Show less

Quantifying value for security programs is difficult at best. Intel IT developed a model for measuring Return on Security Investment (ROSI) in our manufacturing environments that produces a much higher level of accuracy than other methods currently available. Although not the silver bullet to measure all security programs, it does show in some circumstances, value can be quantified to the level needed to make sound business decisions.