The Magazine of the MCPA

Click here to be published and contribute to the professional dialogue!

Full Text Listing of All Stories

LOADFAST: An Outcome-Driven Digital Forensics Methodology

posted Dec 8, 2018, 9:39 AM by James Caroland   [ updated Dec 9, 2018, 5:34 PM ]

By Alexander M. Rzasa 

Article Summary

LOADFAST is an overarching digital forensics methodology created to assist practitioners, researchers, theorists, students, and juries striving for consistent, verifiable, and scientifically-sound outcomes.  By beginning with – and focusing on – the unique legal objective of any given digital forensics scenario, this methodology emphasizes an outcome-based approach when determining subsequent necessary steps.  Under LOADFAST’s reverse-planning process, the core principles governing identification, collection, and analysis of evidence can be applied in a flexible, efficient, yet consistent manner.

Please see the attached PDF for the entire article.

Artificial Intelligence Will Revolutionize the Way Intelligence is Analyzed

posted Nov 12, 2018, 1:37 PM by James Caroland   [ updated Nov 12, 2018, 1:38 PM ]

By Amanda Custer 

Article Summary

Artificial intelligence will have a major impact on the production cycle of intelligence, allowing the intelligence community to fully utilize all intelligence collected. The current innovations of this technology will facilitate gathering better intelligence across all five disciplines, open source intelligence (OSINT), signals intelligence (SIGINT), geospatial intelligence and imagery intelligence (GEOINT/IMINT), measurement and signature intelligence (MASINT), and human intelligence (HUMINT). The integration of artificial intelligence into these five disciplines will yield more efficient, detailed, and actionable intelligence. Even as artificial intelligence becomes an integrated part of the production cycle in each discipline, human analysis and direction will remain a vital and required component of the integrated process including tasking, collecting, processing, exploiting, and disseminating. Ultimately, artificial intelligence provides human analysts with tools to better handle the incredible burden of information in the digital age by making full use of all available intelligence and extracting more accurate and detailed information to arrive at actionable intelligence faster than ever before.


Understanding NATO's Central Role in the Future of Global Cyber Defense

posted Sep 17, 2018, 6:34 PM by James Caroland   [ updated Sep 17, 2018, 6:35 PM ]

By Samantha Brletich 

Article Summary

The Cooperative Cyber Defence Centre of Excellence (CCDCOE) is a NATO cyber-dedicated center focused on improving NATO member and non-member cyber capabilities as countries face cyber threats from non-state and state actors. NATO created the CCDCOE to evolve to the evolving cyber threat. In response to growing cyber threats, there is a need for international law or policy that addresses how nations can appropriate address cyber threats. The CCDCOE sponsored the writing of the Tallinn Manual on the International Law Applicable to Cyber Warfare and the Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations to examine how existing international law applies to cyberspace and cyber operations. Appropriate and proportional responses need to be developed, as an overreaction may lead to cyber warfare, conventional warfare, or an armed attack. The Tallinn Manual also addresses the use of force and actor involvement. It presents the idea that a use of force does not require a military or other armed forces. Countries and scholars alike turn to the Tallinn Manual 2.0 to develop a policy response to large-scale cyber-attacks such as malware or ransomware. It addresses common incidents and threats that countries face on a day-to-day basis that fall below the threshold for using force or armed conflict in the fifth domain. Individual cyber security policies will only strengthen NATO cyber defenses and the CCDCOE. National-level cyber security strategies will assist in the application of the Tallinn Manual, and strengthen and support the CCDCOE mission and NATO cyber defenses.

Please see the attached PDF for the complete article.

Image credits (in order of appearance): International Telecommunications Union (ITU), Adobe Stock, Geostrategia

Cyber Diplomacy: The Need for a U.S. Cyber Ambassador

posted Sep 14, 2018, 2:09 PM by James Caroland   [ updated Sep 14, 2018, 2:09 PM ]

By Daria Etezadi, MCPA Fellow 

Article Summary

As it currently stands, cyberwar is lawless. The U.S. may be mobilizing across government departments and technology companies to respond to emerging cyber threats, but it needs a cyber diplomat now. Diplomatic and legal frameworks are pivotal in determining rules of engagement and establishing measurable consequences for those who don’t abide by the rules. Given the fact that cyberspace is not bound by physical borders, conversations around cyber security demand international representation. If the U.S. fails to appoint a cyber ambassador to represent the country, then it will miss out on these conversations and lose the chance to shape international rules of engagement. 

Please see attached PDF for the full article.

Image credits (in order of appearance): Pexels, Adobe Stock, Adobe Stock, Twitter, Microsoft

The Importance of Defining Cyber Terrorism

posted Sep 13, 2018, 11:40 AM by James Caroland   [ updated Sep 13, 2018, 11:42 AM ]

By Paul de Souza 

Article Summary

The national security of the United States of America is progressively challenged by new terror tactics, including increasing activity through and against assets in cyberspace. While various organizations define “cyber terrorism” differently, the author maintains the importance of coming to a conclusive definition, not only for the purposes of properly understanding the concept of cyber terrorism, but to be able to counter related activities in protection of national security and/or prosecute applicable parties in accordance with the definition and accompanying laws. The concepts of traditional terrorism are combined with the complexities of cyberspace to suggest proper defining of cyber terrorism. Proposed core components of developing a definition are presented and the implications for the government, the military, and the intelligence community are explored.

Please see the attached PDF file for the complete article.

Image credits (in order of appearance in article):  Globes - Israel's Business Arena, Adobe Stock

Introduction of the Partnership Between Cyber Magazine and Cybersecurity Canon

posted Sep 2, 2018, 7:23 PM by James Caroland   [ updated Sep 2, 2018, 7:25 PM ]

By Major General (Ret) John A. Davis, VP and CSO (Federal) Palo Alto Networks 

Article Summary

I’m honored to announce a new strategic partnership between the Military Cyber Professionals Association (MCPA) Cyber magazine and the Palo Alto Networks-sponsored Cybersecurity Canon. Both of these educational media sites share complementary goals for intersecting audiences within the overall professional cybersecurity community of interest. This is a cost-neutral partnership and both resources are free to the public.

Please see the attached PDF for more details of this exciting new partnership!

The Law of "Cyber-" Prefixes

posted Aug 4, 2018, 11:28 AM by James Caroland   [ updated Aug 4, 2018, 11:30 AM ]

By LTJG Brandon Karpf, United States Navy 

Article Summary

We use “cyber-” prefixes to the detriment of our own goals. This barrier defining language artificially separates cyber-security problems from traditional analogues, to the detriment of security. Only one reasonable path remains: abandon the prefix.


Artificial Intelligence in the Cyber Fight

posted Aug 4, 2018, 10:59 AM by James Caroland   [ updated Aug 4, 2018, 11:03 AM ]

By Michael Lenart 

Article Summary

Artificial intelligence (AI) and machine learning are significantly changing how attackers and defenders operate in cyberspace. The increasing ability of machines to perceive, learn, decide, and act on their own – and to do so much more quickly than humans can – is forcing cyber operators to cede some ground to AI in what is an increasingly machine-speed fight. This trend is reinforced by the rise of the Internet of Things, which exponentially increases the vectors through which attacks can occur and therefore places a premium on machines' ability to process large amounts of information relatively quickly. Besides affecting everyday cybersecurity practices, the increasing use of AI will also affect how military cyber operations are conducted. Nevertheless, machines do not currently possess humans' judgment, sense of context, or general intelligence. As such, for the foreseeable future, the optimal use of AI will pair machines' processing power and speed with humans' higher level thinking skills.


Image credits (in order of appearance):,, The Convex Lens, Raytheon,

Certifications: Are They Worth It?

posted Jul 17, 2018, 7:12 PM by James Caroland   [ updated Jul 17, 2018, 7:12 PM ]

By LTC BE Rhodes, Colorado Army National Guard 

Article Summary

Across the Cybersecurity field, the value of professional certifications is regularly debated.  Holding a certification does not equate to experience and "know-how".  At a minimum, it does demonstrate an ability to learn and retain information.  In the ever-changing world of Cyber, showing the desire to be a lifelong learner is highly desirable for prospective employers.  This article aims to provide a brief introduction to certifications and guidance on where to start.


Untangling the Cyberspace Domain: What Members of the Intelligence Warfighting Function Should Know

posted Jul 6, 2018, 7:15 AM by James Caroland   [ updated Jul 6, 2018, 7:16 AM ]

By LTC Galen Kane, CPT William Sanz, and CPT Wallie Lacks, United States Army

Article Summary

Cyberspace is now the most active, contested, and congested of the warfighting domains.  Given the pace of operations and the rate of change in the environment, new ways of operating are being developed at a rapid pace.  The changes involved with the technology and the extent to which cyberspace is affecting the land and human terrain are significant today and we must be bold and innovative to stay ahead of threats that exists.  Conditions now reflect a full and complete convergence of the human terrain with cyberspace.  One of the greatest opportunities for growth and innovation lies in the Intelligence Warfighting Function (IWfF).  Professionals within the IWfF must evolve their understanding of the cyberspace domain and its impact on future conflict must evolve beyond a rudimentary user-level understanding.  

There are a few common misperceptions prevalent amongst members of the IWfF that operate in the Cyberspace Domain.  These myths contribute to gaps which tangle and impede the IWfF’s ability to effectively support Cyberspace Operations (CO).  The four myths are 1) complexity of the Cyberspace Domain necessitates implementation of unique intelligence support models; 2) Intelligence Preparation of the Battlespace is not applicable to the Cyberspace Domain; 3) complexity of cyberspace inhibits decide, detect, deliver, and assess targeting methodology; and 4) Signals Intelligence is the only source of intelligence that matters in the Cyberspace Domain.

The IWfF is presented with several opportunities to sustain and improve intelligence support to CO. These opportunities include: 1) ensuring all-source intelligence products relevant and accurate; 2) cyberspace enabling functions like the IWfF must possess detailed knowledge and understanding of the Cyberspace Domain; 3) the IWfF’s personnel require proper training and experience to be responsive to the Cyber Mission Force’s intelligence requirements; 4) Finally, the IWfF must take full advantage of the opportunity to disperse the fog and friction that clouds today’s cyberspace operating environment.  For only through these continued examinations will the IWfF move forward most effectively and fully employ our Joint Force to meet challenges in the Cyberspace Domain. 


1-10 of 68