Organization of American States, ISA to unveil cybersecurity oversight handbook for corporate boards at OAS Symposium in Santiago
FOR IMMEDIATE RELEASE Contact: Larry Clinton President and CEO, Internet Security Alliance (202) 236-0001 lclinton@isalliance.org The Organization of American States (OAS) and the Internet Security Alliance (ISA) will unveil Friday a new cyber-risk oversight handbook for Latin American corporate boards of directors during the OAS Cybersecurity Symposium this week in Santiago, Chile. ISA President Larry […]
ISA, NACD, and DHS Will Discuss Cybersecurity “From the Top Down”
FOR IMMEDIATE RELEASE Contact: Larry Clinton President and CEO, Internet Security Alliance (202) 236-0001 lclinton@isalliance.org The President of the National Association of Corporate Directors (NACD), Peter Gleason, the President of the Internet Security Alliance (ISA), Larry Clinton, and the Assistant Director of the Department of Homeland Security’s Cybersecurity Infrastructure Security Agency (CISA), Daniel Kroese, will […]
NACD AND ISA TO EXPAND COLLABORATION INTERNATIONALLY ON CYBERSECURITY FOR BOARDS OF DIRECTORS
FOR IMMEDIATE RELEASE Contact: Susan Oliver NACD susanboliver@gmail.com 703-216-4078 Josh Higgins Internet Security Alliance 703-778-0083 jhiggins@isalliance.org WASHINGTON, D.C. (September 17, 2019) – The National Association of Corporate Directors (NACD), the authority on boardroom practices representing more than 20,000 directors, and the Internet Security Alliance (ISA) today announced they will develop an updated version of the Director’s Handbook […]
DHS Taking Steps in the Right Direction on Cyber Risk Management
by Larry Clinton Perhaps the one thing virtually everyone in the cybersecurity field agrees on is that, notwithstanding many laudable efforts, we are losing the fight to secure cyberspace. Illustrative of this reality, the Director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, Chris Krebs, has wisely commented we need a new […]
Mandatory Cybersecurity Training for Congress: What Kind of Training?
by Larry Clinton Last week, the bipartisan Select Committee on the Modernization of Congress issued a list of two dozen recommendations designed to “make Congress more reflective and responsive to the American people.” One recommendation stands out as particularly timely, visionary and practical: “Making cybersecurity training mandatory for Members.” Finally, a cybersecurity mandate that makes […]
Capital One Breach Highlights the Danger of Insider Threats
by Josh Higgins When companies think about cybersecurity threats, they often think of a hacker in some far-off place using sneaky tactics to gain access to their systems. However, Capital One’s announcement Monday of a major data breach highlights another major, yet often overlooked, cyber threat: The insider. Similar to other cyber incidents, the newly […]
Accountability in Cybersecurity is a Two-Way Street
The biggest story in cybersecurity this past week was the eye-popping $5 billion dollar (that’s billion with a B) fine the FTC placed on Facebook for not adequately fulfilling its responsibilities to protect its consumer’s data. Probably just as painful to Facebook, and its CEO, as the fine itself is having to publicly acknowledge their […]
PODCAST – Larry Clinton – How to enhance cybersecurity risk oversight
EY Webinar – June 24, 2019 Larry Clinton
Regulators: Don’t Make the Same Cyber Mistakes Over Again
It’s not news that cyber-attacks are increasing both in number and sophistication and that the increasing criticality of the attack methods demands increased attention especially with respect to critical infrastructures. Also, due to the uniqueness of information systems, the speed with which attack methods and technologies change the traditional regulatory model has been deemed to […]
MAN BITES DOG: State Regulators Want Cyber Reg Reform
Yesterday Congressman Cedric Richmond, Chair of the House Homeland Subcommittee on Cybersecurity, Infrastructure Protection and Innovation announced in the wake of the recent ransomware attacks on local jurisdictions like Atlanta and Baltimore that he is going to propose a series of legislative efforts to assist the municipalities because “we can’t expect under-resourced, understaffed, state and […]
