Posted on September 21, 2023 at 8:28 am
The release of the Department of Defense’s (DOD) 2023 Cyber Strategy could not have come at a better time. The first DOD Cyber Strategy since 2018, it shows the DOD recognizes the scale of the cyberthreats facing our nation and are looking to build a forward-facing posture in our nation’s cyber defense. The digital age […]
Posted on September 20, 2023 at 5:00 am
Introduction by ISA President Larry Clinton Last week we discussed the foundational principles (LINK) and best practices (LINK) that can be followed to implement the Biden Administration’s Secure by Design and Default (SDD) proposal. In this third and final blog on SDD, we will dive into the most important part of any proposal: how to […]
Posted on September 19, 2023 at 7:49 am
AI is the new black, in two senses. First, AI is clearly the fashion of the day as AI week on/Capitol Hill has now turned into AI month and may well have an extended “season.” The other sense in which AI is the new black is that in many ways it is an ominous, and […]
Posted on September 18, 2023 at 7:35 am
According to Politico it’s unofficial AI week on the Capitol Hill, as lawmakers in the House Oversight cyber subcommittee and the Senate Homeland Security and Governmental Affairs committee are capping off their first few days back by asking federal agencies: what are you doing with AI? A key element of Congressional oversight, as it is […]
Posted on September 15, 2023 at 5:00 am
In yesterday’s blog, (LINK) we highlighted the Biden Administration’s positive step towards rebalancing the economics of cybersecurity. By shifting the narrative away from “blaming the victim” of cyberattacks, we are moving in the right direction to creating a market economy of products with cybersecurity embedded in their very design. However, this won’t be easy. For […]
Posted on September 14, 2023 at 5:00 am
Introduction by ISA President Larry Clinton The reality is that we are losing the fight to sustainably secure our cyber networks – and losing badly. This means we need to change the way we have been approaching the issue. That begins by stopping the blame game focusing on the victims of cyber-attack and beginning to […]
Posted on September 13, 2023 at 5:00 am
You read that right. By creating a national virtual cybersecurity academy we would fill the current 35,000 federal cybersecurity workforce gap in 4 years thus measurably enhancing our country’s security. Moreover, because academy graduates would replace the current independent contractors the government is hiring while receiving salaries equivalent to that of graduates of the traditional […]
Posted on September 12, 2023 at 5:00 am
Introduction by ISA President Larry Clinton The federal government spends roughly $70 billion a year on our cybersecurity. The very first billion ought to go to funding a virtual cybersecurity academy. The reason, as we outlined in our previous post (read here), is that we are wasting much of the current $70 billion spent because […]
Posted on September 11, 2023 at 8:37 am
What is the single most important public policy issue in cybersecurity? Hint: the answer is the same as if we asked what is the single greatest vulnerability to our cyber systems? It’s people. We don’t have nearly enough properly trained cybersecurity professionals. Current estimates are that we have 700,000 cybersecurity jobs we can’t fill (world-wide […]
Posted on September 8, 2023 at 5:00 am
In yesterdays’ post we praised the new national cybersecurity strategy for properly placing the harmonization of cybersecurity regulations as issue 1.1.1 in its new implementation plan. Streamlining regulations is one of the fastest, most efficient, and frankly easiest, ways to unleash significant amounts of scarce cybersecurity resources to more effective uses. We also criticized the […]