About Me

George J. Silowash is a published and award-winning information security professional with over 20 years of experience helping private industry and government entities secure their organizations. He is currently the Vice President of Information Technology and Chief Information Officer, faculty member, for a military university in Vermont. He holds several industry certifications including:

  • Certified Information Systems Security Professional Information Systems Security Management Professional (CISSP-ISSMP),
  • GIAC Certified Forensics Examiner (GCFE),
  • GIAC Certified Forensics Analyst (GCFA),
  • GIAC Strategic Planning, Policy, and Leadership. (GSTRT)
He has a Master of Science in Information Assurance from Norwich University.

George specializes in digital forensic investigations, incident response, insider threats, risk management, and much more. When he is not teaching or defending his organization, he enjoys spending time with his three children and wife. He is also an avid amateur (ham) radio operator and enjoys camping.

Awards I have received:

2009 Excellence in Government Award: SIPRNET Connectivity Project Team

Articles I have been featured in:

Largest Vermont Hospital Among Victims of Cyberattack (October 2020)

Talking Cyber Security with a Norwich Expert (December 2016)

Cost of Mitigating the Insider Threat (July 2013)

Logs Paint Picture of Menacing Insider (May 2013)

Radio Programs I have been featured in:

Hacks Put A Spotlight On Cybersecurity (December 2016, Vermont Public Radio)

Cybersecurity In An Era Of Smarter Hacks (August 2018, Vermont Public Radio)

Television Interviews I have been featured in:

Cutler, C. (2023, May 1). Did a state software program expose your personal information? WCAX. Retrieved from https://www.wcax.com/2023/05/01/did-state-software-program-expose-your-personal-information/

Cutler, C. (2021, May 3). State unsure how much fraudsters got in fake unemployment claims.  WCAX. Retrieved from https://www.wcax.com/2021/05/03/state-unsure-how-much-fraudsters-got-in-fake-unemployment-claims/.

WCAX. (2020, October 29). UVM Health Network a victim of cyberattack. WCAX. broadcast, Burrlington, VT. Retrieved from Cutler, C. (2021, May 3). State unsure how much fraudsters got in fake unemployment claims. episode, WCAX. Retrieved from https://www.wcax.com/2020/10/29/uvm-health-network-a-victim-of-cyberattack/.

GNAT. (2020, April 20). The News Project – Joining The Meeting Securely. GNAT News Project. broadcast, Sunderland, Vermont. Retrieved from https://gnat-tv.org/the-news-project-joining-the-meeting-securely/.

Books I have edited:

Coming Soon

Papers I have Authored or Co-Authored:

Silowash, D. Cappelli, A. Moore, R. Trzeciak, T. Shimeall, and L. Flynn, “Common Sense Guide to Mitigating Insider Threats, 4th Edition,” Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Report CMU/SEI-2012-TR-012, 2012.

Pesante, L., King, C., & Silowash, G. (2012, November 26). Disposing of devices safely. CISA. Retrieved September 2, 2022, from https://www.cisa.gov/uscert/security-publications/Disposing-Devices-Safely

Silowash, T. Lewellen, J. Burns, and D. Costa, “Detecting and Preventing Data Exfiltration Through Encrypted Web Sessions via Traffic Inspection,” Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Technical Note CMU/SEI-2013-TN-012, 2013.

Costa, Daniel., Albrethsen, Michael., Collins, Matthew., Perl, Samuel., Silowash, George., & Spooner, Derrick. (2016). An Insider Threat Indicator Ontology (CMU/SEI-2016-TR-007). Retrieved June 23, 2016, from the Software Engineering Institute, Carnegie Mellon University website.

Silowash, George. (2013). Insider Threat Attributes and Mitigation Strategies (CMU/SEI-2013-TN-018). Retrieved June 23, 2016, from the Software Engineering Institute, Carnegie Mellon University website.

Silowash, George., & King, Christopher. (2013). Insider Threat Control: Understanding Data Loss Prevention (DLP) and Detection by Correlating Events from Multiple Sources (CMU/SEI-2013-TN-002). Retrieved June 23, 2016, from the Software Engineering Institute, Carnegie Mellon University website.

Silowash, George., & Lewellen, Todd. (2013). Insider Threat Control: Using Universal Serial Bus (USB) Device Auditing to Detect Possible Data Exfiltration by Malicious Insiders (CMU/SEI-2013-TN-003). Retrieved June 23, 2016, from the Software Engineering Institute, Carnegie Mellon University website.

Lewellen, Todd., Silowash, George., & Costa, Daniel. (2013). Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time (CMU/SEI-2013-TN-008). Retrieved June 23, 2016, from the Software Engineering Institute, Carnegie Mellon University website.

Flynn, Lori., Huth, Carly., Buttles-Valdez, Palma., Theis, Michael., Silowash, George., Cassidy, Tracy., Wright, Travis., & Trzeciak, Randall. (2014). International Implementation of Best Practices for Mitigating Insider Threat: Analyses for India and Germany (CMU/SEI-2014-TR-008). Retrieved June 23, 2016, from the Software Engineering Institute, Carnegie Mellon University website.

Costa, M. Collins, S. Perl, M. Albrethsen, G. Silowash, and D. Spooner, “An Ontology for Insider Threat Indicators,” Proceedings of the Ninth Conference on Semantic Technology for Intelligence, Defense, and Security, STIDS 2014, pages 48–53. CEUR Workshop Proceedings, 2014.

Spooner, Derrick & Silowash, George & Costa, Daniel & Albrethsen, Michael. (2018). Navigating the Insider Threat Tool Landscape: Low Cost Technical Solutions to Jump Start an Insider Threat Program. 247-257. 10.1109/SPW.2018.00040.

“The thoughts expressed herein are my own and do not necessarily reflect those of my employer.”

Print Friendly, PDF & Email