Peter Makohon

Charlotte Metro

About

Senior executive information security leader with experience running cyber security…

Experience

  • AIG

    Charlotte Metro

  • -

    Charlotte Metro

  • -

    Charlotte Metro

  • -

    Charlotte Metro

  • -

    Rochester, New York, United States

  • -

    Rochester, New York, United States

  • -

    Rochester, New York, United States

  • -

    Geneseo, New York, United States

  • -

    WGSU FM

  • -

    Rochester, New York Metropolitan Area

Publications

  • Speaking Engagement - UNCC Cyber Security Conference Ransomware Panel

    UNCC Cyber Security Symposium

    A virtual panel that reviewed different strategies for defending against ransomware attacks.

  • The Pandemic and Information Security

    Recipes for IT

    With the lockdown due to COVID-19, nearly every organization has moved rapidly to remote access for employees, and a much higher degree of internet sales and service for customers. For a number of teams that I have talked to, their transition was relatively smooth and they are typically finding they have been able to maintain productivity for most of their staff. This is good news, as it gives employees more flexibility (as well as perhaps commute time back) and enables organizations to continue to perform despite the lockdowns and quarantines. At the same time, though, the increase in digital work and interactions increases vulnerabilities and the potential for cybercrime.

  • Is Your Enterprise Secure? 7 Questions You Should Ask

    Recipes for IT

    Here are 7 questions you should ask (and try to answer) to understand how well your corporation is protected.

  • Speaking Engagement - Women in Cyber Security Conference

    UNCC, 49th Security Division

    This event is a Women in Cyber Security Conference that will consist of 3 panels focused on answering real questions from the audience and will be focused on questions concerning Cyber Security/Information Security careers. Each panel will offer different perspectives and backgrounds for well-rounded discussions on the issues that matter most to you.

    Guests include Morgan Phipps, Rowanne Joyner, Ashton Morris, Sandy Stitzlein, Peter Makohon, Carrie Norman, and more.

  • Speaking Engagement - RSA NWUC 2012 - Targeted or Random Attack

    RSA

    Targeted or Random Attack? Using Cyber Intelligence and Network Forensics Automation to Determine the Level of Risk

  • Speaking Engagement - Defending against Advanced Persistent Threats

    Deloitte Cyber Threat Management Seminar 2012, Kuala Lumpur, Malaysia

  • Cyber Crime: Survival Strategies for a Tough Neighborhood

    Wall Street Journal

    By gathering and analyzing enterprise intelligence on cyber crimes, organizations can build stronger defenses against increasingly specialized threats.

  • A Risk-Based Approach to Combating Cyber Crime

    Wall Street Journal

    Cyber crime targeted at companies continues to increase in frequency and severity. Today’s cyber criminals have become adept at finding weaknesses in the assets and defenses of secured IT environments, and exploiting them to gain access.

    To counter this threat, companies are embracing a risk-based approach to security that involves using threat modeling to identify system vulnerabilities and then applying threat intelligence to address existing and emerging threats. And they are reevaluating the way they apply often limited security resources: Tasks addressing minor threats are automated, thus freeing IT security experts on staff to focus their attention on more important threats.

    In this first of two articles on system security, we explore a more effective risk-based approach to combating cyber crime—one that focuses on prioritizing which data and information to protect based on its value and risk-related significance to the organization.

  • Tech Trends 2011: The natural convergence of business and IT

    Deloitte

    Deloitte’s annual Technology Trends report examines the ever-evolving landscape of technology put to business use. Topics are chosen based on their potential business impact over the next 18 months, with input from clients, analysts, alliances and our network of academic leaders.

  • Speaking Engagement - Top IT Security Threats for 2011

    Wall Street Technology Association IT Risk Management Conference

    “Top IT Security Threats for 2011”, Wall Street Technology Association IT Risk Management Conference, New York, NY, 2011.

  • Speaking Engagement - Defending Against Cyber Chaos

    International Association of Privacy Professionals KnowledgeNet Event

    “Defending Against Cyber Chaos”, International Association of Privacy Professionals KnowledgeNet Event, Chicago, IL, 2011. Speaker

  • Forging a Virtual Steel Wall

    ComputerWorld

    Hardening software to prevent security breaches is coming back into fashion. And, yes, it's worth the trouble.

  • A Hard Approach to System Security

    ComputerWorld

    Is hardening your systems worth the time and trouble? Most say yes.

  • Speaking Engagement - Capitalizing on Proactive and Preemptive Cyber Intelligence to Mitigate Cyber Criminal Threats

    FBI International Conference on Cyber Security, Fordham University, New York City

  • Speaking Engagement - Deloitte webcast, "Combating Cyber-Threats from the Underground Economy: A View from the Front Lines."

    Deloitte

    More than 40 percent of executives polled by Deloitte believe remote internet access to corporate systems, embedded malware in computers, applications and devices, and little visibility into the security protocols of suppliers and business units are the greatest cyber risks today. The executives were polled recently during the Deloitte webcast, "Combating Cyber-Threats from the Underground Economy: A View from the Front Lines."

  • Greatest Cyber Risk Driven by Remote Network Access and Embedded Malicious Code

    Deloitte / CISION PR Newswire

    Peter Makohon, senior manager, Deloitte & Touche LLP and a webcast presenter, told participants that "cyber crime may already be in their neighborhoods" and cited the following issues facing executives:

    Current signature-based information security controls are not effective against sophisticated cyber threats and exploits, which are evolving at a phenomenal rate.
    Companies lack the automated systems and skilled analysts to rapidly analyze, identify, contain, analyze, and remediate compromised devices.
    Information provided by various cyber intelligence sources is often outdated and high level; therefore, companies cannot take effective counter-actions based on that information alone.
    Organizations lack expertise, resources, technology, and process capabilities for taking timely action on these near real-time cyber threats.

  • Organizations stumped on compromised device containment

    Info Security Magazine

    Peter Makohon, a senior manager at Deloitte, warned that companies lack the automated systems to analyze and contain compromised devices.

  • Peter Makohon Keeps Wachovia Secure on the Cyber Front Lines

    BankTech

    With 120,000 employees and 14.7 million online banking customers, Charlotte, N.C.-based Wachovia's universe of end users and the number of devices connected to its network is immense. Keeping the $808 billion asset institution safe from emerging security threats falls to Peter Makohon, VP of information security, Wachovia threat and vulnerability management. But while protecting Wachovia's network against ever more sophisticated attacks is a constant challenge that requires eternal vigilance, Makohon says protecting the bank's customers is an even bigger challenge.

  • NetScout Unveils Broad Strategy to Unify Network Performance Management for the Enterprise

    Netscout Systems

    This was a result of helping Netscout create their Netscout Newspaper strategy and also working with them to increase their ability to perform packet capture and analysis.

  • Keeping your business safe

    Wells Fargo

    With cybersecurity incidents regularly making headlines, it’s clear cyber threats are a serious risk factor for all modern businesses. The connected technology that functions as an engine for business growth can also create opportunities for cybercrime. Small businesses face the same risks as large companies.


Patents

  • Security Model Utilizing Multi-Channel Data

    Issued 11706241

    Systems, methods and computer-readable storage media are utilized to analyze multi-channel data based on a security model in a computer network environment. A computing system is communicatively coupled to a plurality of data channels configured to access entity data via at least one data channel communication network. A plurality of data sources configured to store entity data are associated with the respective data channels. A processing circuit is communicatively coupled to a particular data channel via a data channel communication network and is structured to receive, via the data channel, entity data comprising device connectivity data, parse properties from the device connectivity data where the properties correspond to particular security dimensions, identify vulnerabilities associated with the properties, determine vulnerability impact, and generate a multi-dimensional risk score for a target computer network environment associated with the entity.

  • Autonomous configuration modeling and management

    Issued US 11522898

    The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of autonomous asset configuration modeling and management. The innovation includes probing elements of a networked architecture to compile information about elements in the networked architecture. The innovation learns a configuration for the at least one element in the environment based on the probing and determines vulnerabilities in the learned configuration. The innovation develops a threat model based on the learned configuration. The innovation applies the threat model to the elements of the networked architecture and deploys a configuration that resolves the vulnerabilities based on the threat model to the elements in the networked architecture. The threat model can be developed over time using machine learning concepts and deep learning of data sources associated with the elements and vulnerabilities.

  • Profile Management

    Issued US 11281797

    In one or more embodiments, a first entity may create a profile by providing content via an interface or a first interface. A second entity may manage one or more aspects of the profile via a second interface. The amount of control the second entity has over one or more portions of the profile may be related to or based on content of the profile or a relationship between the first entity and the second entity. For example, the second entity may screen content of the profile from public view. Additionally, profiles may be searched internally within an organization or externally, such as for outsourcing or to provide vendors or clients with more customized solutions. In this manner, profile management is provided.

  • Network segmentation

    Issued US 11178007

    The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of determining network segmentation. The innovation can search a network to determine a set of network entities, the network entities belonging to the network, and determine network factors of each network entity in the set of network entities. The innovation can evaluate each network factor and determine segmentation candidates based on the evaluation of each network factor. The innovation can determine a risk ranking for each network factor for each network entity and aggregate each risk ranking into a segmentation score for each network entity. The innovation can determine a segmentation candidate when a network entity segmentation score satisfies a threshold score. The innovation can generate a sub-network that is part of the network for the segmentation candidate, and transfer the segmentation candidate to the sub-network.

  • Eliminating network security blindspots

    Issued US 11070581

    The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of eliminating blind spots in a network system. The systems and methods generate synthetic transactions across a network system and capture at least part of the generated synthetic transactions. The systems and methods determine parts of the synthetic transactions that were not captured and generate a logical security map of the network system based on the captured synthetic transactions. The systems and methods determine at least one blind spot in the logical security map of the network system and determine a solution to eliminate the at least one blind spot. The systems and methods implement the solution for the network system to eliminate the blind spot.

  • End-of-life management system

    Issued US 10812518

    The innovation disclosed and claimed herein, in one aspect thereof, comprises systems and methods of managing network entities. The innovation scans a network system to determine network entities, e.g. hardware devices and/or software applications. The innovation receives version information about hardware and software. The innovation compares version information to end-of-life information regarding the network entities. The innovation determines potential mitigating actions based on the comparison and creates an end-of-schedule for managing vendor contracts with regards to end-of-life network entities.

  • Predictive modeling for anti-malware solutions

    Issued US 10728276

    Provided is predictive modeling for anti-malware solutions. The predictive modeling includes an identification manager component that generates profile data for a hostile source. The hostile source is identified based on a previous threat attributed to the hostile source. The predictive modeling also includes an evaluation component that determines a characteristic of an interaction between a source and an endpoint. Further, the predictive modeling includes a validation component that compares the characteristic of the interaction with the profile data and controls access to the source by the endpoint based on the comparison. In addition, anti-malware software is not deployed on the endpoint.

  • Universal installer and uninstaller

    Issued US 10698672

    Provided are a universal software installer and/or uninstaller. The universal software installer determines a structure of the software to be installed and verifies all necessary software elements are applied or installed on the endpoint during the install. The universal software uninstaller determines a structure of the software to be uninstalled and verifies all related software elements are removed from the endpoint. The universal software installer and/or uninstaller is independent of an operating system platform executing on the endpoint.

  • Security validation of software delivered as a service

    Issued US 10678672

    An electronic computing device obtains application source code to be tested. The application source code is automatically categorized into one or more hardware or software classifications. One or more tests are identified for the application source code based on the one or more hardware or software classifications. The one or more tests are run against the application source code. The one or more tests are monitored as they are running. Based on results from the one or more tests, a test score representing a security risk of the application source code is automatically determined. A summary of the results from the one or more tests, including the test score, is visually displayed on the electronic computing device.

  • Authentication and authorization without the use of supplicants

    Issued US 10419439

    Provided is authentication and authorization without the use of supplicants. Authentication and authorization includes generating a profile for a device based on at least one characteristic observed during a successful attempt by the device to access an 802.1X network infrastructure. Expected characteristics for a next attempt to access the infrastructure by the device are determined. A characteristic of the next access attempt is matched to the expected characteristic and access to the network is selectively controlled as a result of the matching. This is achieved without a supplicant being installed on the device.

  • Situational awareness and perimeter protection orchestration

    Issued US 10419473

    Systems and methods provide for a situational awareness and perimeter protection orchestration system to determine when network attacks are occurring or are about to occur, and provide tools and services to mitigate the attacks. The attacks can be denial of service attacks or distributed denial of service attacks or other types of attacks designed to disable and degrade a network. The dashboard can collect intelligence on what is happening on the network, and also streams of information from third parties that can be used to predict imminent network attacks. The dashboard can also determine what tools and services are available to the network operator in order to counteract the attacks.

  • Operational support for network infrastructures

    Issued US 10,9716718

    Systems and methods that facilitate operational support for network infrastructures are discussed. The disclosed system and method facilitate a unified view of the current state of the network and networked devices including real-time log monitoring and for providing metrics for long term system planning. One such method can include the acts of automatically discovering a device deployed on a network, receiving device and network related data in real-time, determining whether a device is authorized, terminating device network access, filtering device data, validating device configuration, configuring a device and providing an output for use by a user. The disclosed system and method can be utilized, for example, to reduce the time involved in troubleshooting and resolving network issues, for establishing a baseline for network performance and for network capacity planning.


Organizations

  • Global Association for Risk Professionals

    -

    - Present
  • Strikers Soccer Club

    Head coach

    -

    Club Soccer coach

  • Financial Services Sector Coordinating Council

    Senior Manager

    -
