OMB CAN QUICKLY STOP REDUNDENT WASTEFUL HARMFUL CYBER REGULATIONS 

Posted on September 8, 2023 at 5:00 am

In yesterdays’ post we praised the new national cybersecurity strategy for properly placing the harmonization of cybersecurity regulations as issue 1.1.1 in its new implementation plan. Streamlining regulations is one of the fastest, most efficient, and frankly easiest, ways to unleash significant amounts of scarce cybersecurity resources to more effective uses.   We also criticized the […]


BIDEN CYBER IMPLEMENTATION PLAN: GREAT FIRST STEP –STUMBLES ON SECOND STEP (PART 1)

Posted on September 7, 2023 at 5:00 am

President Biden’s National Cybersecurity Strategy (NCS) and subsequent Implementation Plan (NCSIP) got off to a great first step by recognizing the need for cybersecurity harmonization as initiative 1.1.1. The Administration is properly prioritizing this initiative because addressing it will, comparatively quickly and effectively, enhance our nation’s cybersecurity by freeing up between 40%-70% (depending on the […]


TWENTY-FIVE WAYS TO ENHANCE CYBERSECURITY WITHOUT NEW REGULATIONS 

Posted on September 6, 2023 at 9:59 am

Absent a few notable exceptions, traditional regulation has not worked to improve our cybersecurity.  There are multiple reasons why it generally doesn’t improve security and is often actually counterproductive which we (ISA) describe in our recent book Fixing American Cybersecurity: Creating a Strategic Public Private Partnership (Georgetown University Press 2023) so, we won’t detail them […]


Cyber Director Position Remains Vacant: ISA Urges a New Strategy for Cybersecurity

Posted on July 5, 2023 at 10:24 am

In an increasingly interconnected world, cybersecurity has become a paramount concern for governments, businesses, and individuals alike. The Government Accountability Office (GAO) recently published an article titled “Cybersecurity: Actions Needed to Address Challenges and Improve the Federal Government’s Management of Cybersecurity Risks,” shedding light on the critical issues facing our nation’s cybersecurity efforts. To address […]


ISA APPLAUDS DOD EFFORTS TO HELP SMALL COMPANIES ON COLLECTIVE DEFENSE — MORE WORK ON INCENTIVES NEEDED 

Posted on June 28, 2023 at 11:16 am

BY LARRY CLINTON AND ANNA MISKELLY  As the Pentagon’s Cybersecurity Maturity Model Certification (CMMC) program rulemaking looms over the defense industrial base (DIB), the Pentagon released a two-page fact sheet highlighting free services offered to companies to help reach compliance. Services such as Project Spectrum and the Blue Cyber Initiative focus on small businesses, targeting […]


Congress Taking Steps to Address the Biggest Technological Threat of Our Time

Posted on June 23, 2023 at 11:12 am

By Larry Clinton and Sarah Harmon This past week, the House Armed Services Committee approved amendment language for the proposed 2024 National Defense Authorization Act (NDAA) to bolster our country’s cybersecurity and emerging technology programs next year. These changes aim to improve the U.S.’s ability to compete with China across several technology sectors, with a […]


QUESTIONS FOR THE BOARD TO CONSIDER IN USING AI

Posted on May 26, 2023 at 11:04 am

It took Netflix two and a half years to reach 1 million users.  Facebook did it in 10 months. Chat GPT did it 5 days. Just as the Internet fundamentally disrupted business plans a decade ago, so, too, is generative artificial intelligence now changing the world – only at a far accelerated pace. Management teams […]


VIRTUAL CYBER ACADEMY WOULD SOLVE WORKFORCE ISSUE AND HELP REDUCE THE DEFICIT

Posted on May 11, 2023 at 5:34 pm

An analysis of the proposal to create a national, virtual, cybersecurity academy shows that creating the academy would not only solve the federal government’s cybersecurity workforce problem in less than 4 years but would create savings that allows the program to pay for itself – and even contribute to reducing the federal budget deficit. The […]


CHINA BEATING US ON TECH STANDARDS – BIDEN NATIONAL STRATEGY NEEDED

Posted on May 9, 2023 at 8:31 am

What could possibly be less sexy than setting technical standards? It’s a tough question, I’ll give you a minute. Maybe, writing about setting technical standards? But it’s one of those jobs that absolutely HAS to be done. Obviously, the technical standards are the building blocks of the digital world. If the standards are not done […]


RSA REPORT ON SECURE BY DESIGN — WE NEED AN HOV LANE

Posted on April 26, 2023 at 8:00 am

One of the many activities at RSA this week has been a series of meetings on how exactly CISA can implement the big idea in the Biden Administration’s new national cybersecurity strategy, shifting the focus on cyber from the user to the providers of cyber technology. Much of the talk around the new strategy has […]