VIRTUAL CYBER ACADEMY WOULD SOLVE WORKFORCE ISSUE AND HELP REDUCE THE DEFICIT

Posted on May 11, 2023 at 5:34 pm

An analysis of the proposal to create a national, virtual, cybersecurity academy shows that creating the academy would not only solve the federal government’s cybersecurity workforce problem in less than 4 years but would create savings that allows the program to pay for itself – and even contribute to reducing the federal budget deficit. The […]


CHINA BEATING US ON TECH STANDARDS – BIDEN NATIONAL STRATEGY NEEDED

Posted on May 9, 2023 at 8:31 am

What could possibly be less sexy than setting technical standards? It’s a tough question, I’ll give you a minute. Maybe, writing about setting technical standards? But it’s one of those jobs that absolutely HAS to be done. Obviously, the technical standards are the building blocks of the digital world. If the standards are not done […]


RSA REPORT ON SECURE BY DESIGN — WE NEED AN HOV LANE

Posted on April 26, 2023 at 8:00 am

One of the many activities at RSA this week has been a series of meetings on how exactly CISA can implement the big idea in the Biden Administration’s new national cybersecurity strategy, shifting the focus on cyber from the user to the providers of cyber technology. Much of the talk around the new strategy has […]


Joint Letter from ISA and AGB to House and Senate Appropriations Committee

Posted on April 9, 2023 at 9:57 pm

Dear Congressional Members of the House and Senate Appropriations Committees: We are writing to urge the House and Senate Appropriations Committees in the fiscal year (FY) 2024 appropriations bill to include $200 million for the Department of Defense Cyber and Digital Service Academy (the Academy) that was authorized in the FY 2023 National Defense Authorization […]


WHAT IS BEST FOR SEC ON CYBER? OLD STYLE REGS OR NACD MODEL?

Posted on April 5, 2023 at 9:41 am

To begin with, we know the cyber risk oversight model described in the NACD-ISA Cyber Risk Handbook actually enhances cybersecurity.  We also know there is no proof the SEC proposed regulations, which have already been tried in multiple venues, will enhance cybersecurity or protect investors.  In fact, the NACD-ISA handbook is the only set of […]


INTERNET SECURITY ALLIANCE HIGHLIGHTS FOR MARCH 2023

Posted on April 3, 2023 at 8:52 am

President Biden Releases new National Strategy for Cybersecurity. ISA had extensive contact with the WH which wrote the new strategy. The new strategy adopted made major “shifts” in the government’s policy consistent with ISA recommendations. Among other issues ISA policy is reflected in new emphasis on altering the incentive structure for cybersecurity (ISA mantra for […]


INDEPENDENT REVIEW OF FIXING AMERICAN CYBERSECURITY

Posted on March 31, 2023 at 9:14 am

A Review of Fixing American Cybersecurity, Edited by Larry Clinton and Foreword by Kiersten Todt This entry was posted in Book ReviewCybersecurity on March 30, 2023 by Steven Bowcut In an era of growing cyber threats and increasing data breaches, the need for robust cybersecurity measures has never been greater. Against this backdrop, Larry Clinton’s new book, “Fixing American Cybersecurity: Creating […]


SEC NEEDS A CYBER MODEL THAT WORKS

Posted on March 30, 2023 at 9:29 am

Writing in the February edition of Foreign Affairs CISA Director Jen Easterly called for “a new model” for cybersecurity.  A month later President Biden released a new national strategy for cybersecurity which he said would “realign incentives in favor of long-term investment. When releasing the new strategy acting WH Director for Cybersecurity Kemba Waldon said, […]


The SEC: The Elephant in the New National Cyber Strategy

Posted on March 27, 2023 at 11:28 am

The Biden Administration’s new National Cybersecurity Strategy is an important first step toward improving our nation’s cybersecurity. This strategy, unlike the numerous others that have been unveiled over the past 20 years, adopts ISA’s core argument that we cannot create a sustainably secure cyber system until we rebalance the incentives for cyber-attacks. ISA is not […]


FIRST DO NO HARM: THE MANTRA FOR NEW CYBER REGULATION

Posted on March 15, 2023 at 9:17 pm

The traditional regulatory model – when applied to cybersecurity – is actually anti-security. For all the discussion around the Biden Administration’s new cyber strategy generating new regulations, this one simple fact remains. There is no evidence the cyber regs are working. The real question is not so much how much new regulations there ought to […]