THOUGHTS ON SECURITY BY DESIGN/DEFAULT FOR WORLD ECONOMIC FORUM 

Posted on November 20, 2023 at 8:05 am

Larry Clinton’s opening statement Last week I was honored to attend the World Economic Forum’s annual cybersecurity conference and lead a session on the demystification of the economics of secured by demand/default (watch the introduction above). I want to thank, and congratulate, the Forum creating this session. This topic lies at the very essence of […]


WHITE HOUSE SHOULD LOOK TO BOARD’S GUIDENCE ON AI AND CYBERSECURITY – PART 2 

Posted on October 31, 2023 at 6:00 am

The founder of the organization I am honored to lead was Dave McCurdy, the former Chair of the House Intelligence Committee.  Based on his long career in government Dave liked to say, “government does two things well, nothing and over-react.”  We are clearly, and rightfully, out of the” do-nothing” phase of government’s involvement in AI.  […]


WHITE HOUSE SHOULD FOLLOW BOARD’S GUIDANCE ON NEW AI EXECUTIVE ORDER 

Posted on October 30, 2023 at 9:08 am

Introduction by ISA President Larry Clinton There is tremendous anticipation regarding the imminent release of a sweeping new Executive Order (EO) on the use of Artificial Intelligence form the Biden White House (LINK). Although the EO holds potentially game-changing reach, it needs to be understood in the context that government is largely playing catch-up on […]


THE KEY TO UNDERSTANDING SYSTEMIC CYBER RISK IS MARKET PENETRATION

Posted on October 26, 2023 at 10:04 am

Introduction by ISA President Larry Clinton The SolarWinds’ Orion software attack – which occurred nearly three years ago — had devastating impact that organizations are still facing today. Recent reports estimate that government agencies and private organizations will spend $100 billion over the next few years investigating the incident and remediating the damage done in […]


COMMERCIAL ECONOMICS ARE INSUFFICIENT TO DEFEND CRITICAL INFRASTRUCTURE FROM CYBER ATTACKS  

Posted on October 24, 2023 at 12:58 pm

Introduction by ISA President Larry Clinton Critical Infrastructure in the United States is facing a substantial risk of cyber attacks at all times due to the imbalance of risk assessment between the public and private sectors. Until this disparity is mitigated, the United States will never be adequately protected on all sides from cyber attacks.  […]


FOR THE CYBER PUBLIC-PRIVATE PARTNERSHIP TO WORK THE REGULATORY MODEL NEEDS TO BE REFORMED 

Posted on October 20, 2023 at 5:02 am

Introduction by ISA President Larry Clinton Biden Administration’s National Cybersecurity Strategy (NCS) rightfully “recognizes that robust collaboration, particularly between the public and private sectors, is essential to securing cyberspace.”  Unfortunately, this “essential” goal is undermined in the very same document. Alongside announcing plans to scale public-private partnerships, the Biden Administration also proposes a number of […]


DO CYBER REGULATIONS IMPROVE SECURITY? (SPOLIER ALERT: NO) 

Posted on October 18, 2023 at 4:59 am

Introduction by ISA President Larry Clinton Many people new to the cybersecurity issue often suggest that what is needed is a strict regulatory model.  However, as Richard Clarke and Robert Knake, two of the most experienced and well-respected experts in the field of cybersecurity, point out in their book The Fifth Domain, “There is a […]


CYBERSECURITY REGULATION: DOING THE SAME THING AND FAILING  

Posted on October 17, 2023 at 8:54 am

Introduction by ISA President Larry Clinton Although Albert Einstein probably never said “The definition of insanity is doing the same thing over and over again and expecting a different result,” it’s still a pretty incisive comment that unfortunately applies to cybersecurity regulation. Our current cybersecurity process is insane.  The fact is that the traditional cybersecurity […]


LESSONS PRIVATE SECTOR CAN TEACH THE GOVERNMENT ON FIGHTING CYBERCRIME

Posted on October 6, 2023 at 10:43 am

Introduction by Larry Clinton As we have documented past blogs (LINK, LINK), we are fighting an uphill battle against increasingly sophisticated cybercriminals. In fact the new national strategy to secure cyber space essentially says that only the most sophisticated private companies have any hope of preventing cyber-attacks.  This means we must increasingly rely on our […]


ONE WAY TO GET CYBERCRIMINALS TO FUND LAW ENFORCEMENT

Posted on October 5, 2023 at 5:08 am

Introduction by Larry Clinton As we explained in previous blogs (LINK), cybercrime is at an all-time high – and there are no signs that it is slowing down. Economic losses from cybercrime are estimated to be as much as $2 trillion annually—and increasing to as much as $10.5 trillion by 2025 – 10 trillion is […]