Defense in depth takes many forms, but for Nic Penning, a security engineer working for the state of South Dakota, that’s meant taking a deeper look at the threats hidden within emails moving across the state’s network.
For the past five months, Penning has been building a set of metrics off all of the data surrounding the state’s email traffic. Penning, whose interest in cybersecurity forensics led to a stint in the U.S. government-sponsored CyberCorps program and eventually his current job, has been studying the nature and frequency of phishing attacks, widespread spamming activity and the presence of malware riding along with email.