ISA PROPOSES ZERO COST PATH TO CYBERSECURITY
This week the Internet Security Alliance (ISA) conveyed to the White House Office of the National Cybersecurity Director a set of five priorities that, if enacted would create a would create A Zero-Cost Pathway for American Cybersecurity (link to the report below). These are pragmatic programs that can be implemented quickly. They will generate significant […]
Congressional Letter to OMB on Cyber Security Regulations
The Statutory Authority of the Office of Management and Budget to Withhold Funding for Duplicative and Redundant Cybersecurity Regulations
Under the ISA-proposed draft legislation to prevent redundancies in federal cybersecurity regulations and reinforce our nation’s cyber resilience as a whole, the Director of the Office of Management and Budget (OMB) would have the authority to withhold funding for the enforcement of identified redundant or duplicative cybersecurity regulations while they are under review. OMB derives […]
Industry Letter to OMB on Redundant Regulations
The Honorable Russell T. Vought Director, Office of Management and Budget Executive Office of the President 1650 Pennsylvania Avenue, NW Washington, DC 20503 April 8, 2025 Dear Director Vought, Adversaries launch cyberattacks against our government and industry systems thousands of times daily. These attacks put operational continuity of critical infrastructure at risk, and result in economic losses that, […]
AI ANALYSIS: DUPLICATION IN FEDERAL CYBERSECURITY REGULATIONS
The Problem: Federal cybersecurity regulations are increasingly fragmented and duplicative. Private sector entities—especially those operating in critical infrastructure—must navigate conflicting requirements across multiple agencies, often submitting the same information in different formats and on varying timelines. This inefficiency burdens industry, consumes security budgets, and weakens national resilience. The Approach: Using artificial intelligence tools—specifically natural […]
ADVANCED TECH CAN HELP IMPROVE CYBER REGULATIONS NOW
Several reports this past weekend highlighted the Trump Administration’s plans to use AI to substantially reduce as many as 100,000 federal regulations. While the target date for that broader project points to 2026, and could face legal challenges, the OMB can already take substantial steps to use advanced technology to vastly improve cybersecurity regulations which […]
TRUMP AI REG PLAN CAN WORK NOW ON CYBER SECURITY
Last week the Washinton Post reported on Administration’s plans to access Artificial Intelligence (AI) tools to identify opportunities for broad-based deregulation. While that broader program is not slated to launch until next year, AI tools are already available which demonstrate that eliminating redundant cybersecurity regulations would generate billions of dollars in government savings, tens of […]
CONGRESS MUST REAUTHORIZE CISA 2015
The Cybersecurity Information Sharing Act (CISA) of 2015 is arguably the most successful cybersecurity legislation ever enacted. It uses market incentives (liability protection) to incentivize critical information sharing between industry and the government. It is currently scheduled to expire in three months. Disabling our most fundamental cybersecurity mechanism would take place at a time of […]
THOUGHTS FROM THE WORLD ECONOMIC FORUM – REIMAGINING CYBER REGULATIONS
Last week, I was honored to be asked to lead the session on reimagining cyber regulations at the World Economic Forum event in Paris. The Forum relies on the Chatham House Rule, so I will await their report on the meeting; however, below is the text from which I drew the opening statement for the […]
UPCOMING ISA EVENT – CISA 2015 REAUTHORIZATION BRIEFING
6/25 ISA EVENT: IT SECTOR COORDINATING COUNCIL TO BRIEF CONGRESS ON CISA 2015 REAUTHORIZATION JOIN US! On June 25 in Cannon 401, the IT Sector Coordinating Council will hold a briefing on the need to reauthorize the 2015 Cybersecurity Information Sharing Act (CISA – the law not the agency). The briefing will begin at noon and end […]
