George Silowash
Software Engineering Institute
George J. Silowash is an SEI alumni employee.
George J. Silowash is a Cybersecurity Threat and Incident Analyst within the CERT® at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University. He is part of the Threat Technical Solutions and Standards team. He has over nine years of experience in the information technology field, including systems administration and information security. George's latest work involves developing technical controls using open source software to counter data exfiltration attempts by malicious insiders. Other areas of interest include privacy and security, digital forensic investigations, and critical infrastructure security. Before joining CERT, George was an Information Systems Security Officer for the United States Department of Justice, National Drug Intelligence Center. He was also a systems administrator for a healthcare company prior to working in the Federal government. In addition, George is an adjunct professor at Norwich University's Information Assurance Program. He has a Master of Science in Information Assurance from Norwich University and is a Certified Information Systems Security Professional (CISSP).
Publications by George Silowash
- Navigating the Insider Threat Tool Landscape: Low-Cost Technical Solutions to Jump-Start an Insider Threat Program
July 03, 2018 • White Paper
Derrick Spooner, George Silowash, Daniel L. Costa
This paper explores low cost technical solutions that can help organizations prevent, detect, and respond to insider incidents.
- Low Cost Technical Solutions to Jump Start an Insider Threat Program
December 12, 2016 • Technical Note
George Silowash, Derrick Spooner, Daniel L. Costa
This technical note explores free and low cost technical solutions to help organizations prevent, detect, and respond to malicious insiders.
- An Insider Threat Indicator Ontology
May 10, 2016 • Technical Report
Daniel L. Costa, Michael J. Albrethsen, Matthew L. Collins
This report presents an ontology for insider threat indicators, describes how the ontology was developed, and outlines the process by which it was validated.
- An Ontology for Insider Threat Indicators
November 24, 2014 • Conference Paper
Daniel L. Costa, Matthew L. Collins, Samuel J. Perl
In this paper, the authors describe their ongoing development of an insider threat indicator ontology.
- International Implementation of Best Practices for Mitigating Insider Threat: Analyses for India and Germany
April 16, 2014 • Technical Report
Lori Flynn, Carly L. Huth, Palma Buttles-Valdez
This report analyzes insider threat mitigation in India and Germany, using the new framework for international cybersecurity analysis described in the paper titled “Best Practices Against Insider Threats in All Nations.”
- Best Practices and Controls for Mitigating Insider Threats
November 07, 2013 • Webinar
George Silowash, Alex Nicoll
In this 2013 webinar, Alex Nicoll and George Silowash discuss how the CERT division develops, inspects, and transitions insider threat controls to the public.
- Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time
October 03, 2013 • Technical Note
Todd Lewellen, George Silowash, Daniel L. Costa
In this report, the authors describe how an insider threat control can monitor an organization's web request traffic for text-based data exfiltration.
- Insider Threat Attributes and Mitigation Strategies
July 01, 2013 • Technical Note
George Silowash
In this report, George Silowash maps common attributes of insider threat cases to characteristics important for detecting, preventing, or mitigating the threat.
- Detecting and Preventing Data Exfiltration Through Encrypted Web Sessions via Traffic Inspection
March 01, 2013 • Technical Note
George Silowash, Todd Lewellen, Joshua W. Burns
In this report, the authors present methods for detecting and preventing data exfiltration using a Linux-based proxy server in a Microsoft Windows environment.
- Mitigating Insider Threat - New and Improved Practices Fourth Edition
February 28, 2013 • Podcast
George Silowash, Lori Flynn, Julia H. Allen
In this podcast, participants explain how 371 cases of insider attacks led to 4 new and 15 updated best practices for mitigating insider threats.
- Insider Threat Control: Using Universal Serial Bus (USB) Device Auditing to Detect Possible Data Exfiltration by Malicious Insiders
January 01, 2013 • Technical Note
George Silowash, Todd Lewellen
In this report, the authors present methods for auditing USB device use in a Microsoft Windows environment.
- Insider Threat Control: Understanding Data Loss Prevention (DLP) and Detection by Correlating Events from Multiple Sources
January 01, 2013 • Technical Note
George Silowash, Christopher King
In this report, the authors present methods for controlling removable media devices in a MS Windows environment.
- Common Sense Guide to Mitigating Insider Threats, Fourth Edition
December 01, 2012 • Technical Report
George Silowash, Dawn Cappelli, Andrew P. Moore
In this report, the authors define insider threats and outline current insider threat patterns and trends.