Internet Security Alliance launches ‘national dialogue’ on a critical new phase in cyber efforts

Posted on November 10, 2020 at 12:33 pm

The Internet Security Alliance wants to spark a dialogue in the cybersecurity community “around the idea that we need to re-examine the problem and do a lot more” to meet challenges in cyberspace that are gradually eroding the United States’ position as the world’s foremost economic, technological and military power. “We need to engage the […]


Cybersecurity and a potential Biden White House: Past tech priorities resurrected

Posted on October 21, 2020 at 10:19 am

Even among those who have worked with him, Joe Biden is not known as a tech policy wonk. So, it’s not surprising that today, during a pandemic, cybersecurity doesn’t come near to the top of the list of topics Biden’s campaign is prioritizing for the sake of the election. Russia’s election meddling may get a […]


Thinking Fast and Smart About Digital Transformation and Cybersecurity (by Larry Clinton)

Posted on September 30, 2020 at 4:53 pm

American business was largely unprepared to fend off cyber criminals before the virus hit; we are now immeasurably worse off. Metaphorically, we have gone from leaving the door ajar to cyber criminals before the pandemic to throwing the door wide open and laying out a welcome mat. One study found 91 percent of enterprises reported […]


The Word of the Day isn’t Virus, its Agility

Posted on July 6, 2020 at 1:38 pm

In 1929 the vibrant US economy went through the greatest shock it had ever received when the stock market crashed. A frightened and bewildered Congress, flaying for answers, summoned the economic chieftains of the day to testify as to if they had manipulated the crisis. The venerable JP Morgan was called to task before the […]


Q&A: NIST’s new ‘Enterprise Risk Management’ guidelines push cyber risks to board level

Posted on June 11, 2020 at 3:40 pm

Q&A: NIST’s new ‘Enterprise Risk Management’ guidelines push cyber risks to board level


ISA’s Larry Clinton criticizes Pentagon proposal for ‘intrusive’ access to contractor networks

Posted on May 27, 2020 at 2:52 pm

You know what’s worse than trying to share cybersecurity information? Writing about it. Everyone has read over and over again about how important information sharing is for cybersecurity. The idea is certainly not new. It’s definitely not cool. It’s also hard. No one has completely nailed it even after talking about it for decades. Why […]


ISA’s Larry Clinton: Current crisis offers chance to examine, address systemic risks to cybersecurity

Posted on April 28, 2020 at 9:26 am

The COVID-19 crisis reveals the inadequacy of the prevailing “operational” approach to cybersecurity and provides an opportunity for government and businesses alike to take cost-effective steps toward a cyber strategy rooted in risk management, says Larry Clinton, president of the Internet Security Alliance. That should include developing systems to track and prosecute cyber crime, establishing […]


Key industry group urges federal officials to quickly share risk-management best practices with businesses

Posted on April 27, 2020 at 1:36 pm

The massive shift to work-at-home amid the COVID-19 crisis is leading to insecure work-arounds that emphasize functionality over security, while managers in many businesses lack training suitable to the current risk environment, according to the Internet Security Alliance in comments filed with the Department of Homeland Security. “Due to the near-immediate switch to unplanned online […]


Pentagon and FCC, at different points on cyber regulation, underscore hybrid nature of U.S. government approach

Posted on April 23, 2020 at 3:11 pm

The Defense Department is leading efforts to set mandatory cybersecurity baselines for industry, while the Federal Communications Commission has been on a deregulatory path, but both are playing influential roles in shaping the U.S. government’s relationship with the private sector and overall approach to cybersecurity that have been on display in recent days. In one […]


Top Ten Reasons Why Cybersecurity Is Like Coronavirus

Posted on March 16, 2020 at 9:17 am

By Larry Clinton I’m not saying cybersecurity and the coronavirus are exactly the same. The defining characteristic of the cyber threat is that we have conscious and deliberate actor’s carefully crafting attacks. The coronavirus has no conscience, no plan. At the same time, notwithstanding differences, these domains are both attacks on our cultures, and when […]