Solarium Commission Off to a Good Start: What’s Next (Part II)

Posted on January 9, 2020 at 10:30 am

Cyberspace Solarium Commission Co-Chair Sen. Angus King (I-ME) has “leaked” to us that the Commission is virtually unanimous in the desire to see government process for cybersecurity overhauled. As we discussed in this space yesterday, that is a great, if not exactly novel, idea. But as the old saying goes, every great idea eventually devolves […]

ISA: Solarium Commission is Off to a Good Start, Now What?

Posted on January 8, 2020 at 9:32 am

In 2016 the ISA published a 12-step program for Congress and the new Administration to address the growing cybersecurity threat. Number 4 on the list (after act with greater urgency, spend more money, and understand cybersecurity is not just about IT) was that “Government needed to get organized to reflect the digital age.” Yesterday the […]

Global Consensus of Industry to Address Cyber Reaches Asia, Is Government Far Behind?

Posted on October 31, 2019 at 11:42 am

by Larry Clinton Yes, they are.  While corporate boards of directors worldwide are developing programs to increase own their understanding of the cyber threat and taking action to address it, the government equivalent of corporate boards – legislators, agency heads, and the like – seem content to tell others what to do while not seriously […]

U.S., German, and Latin American Boards and Cybersecurity: Similarities and Differences

Posted on October 28, 2019 at 10:00 am

by Larry Clinton In a field seemingly overpopulated with remarkably similar programs on cybersecurity, the Organization of American States, of all places, will host a unique program at their Washington, D.C. headquarters on November 8. OAS, along with the Cyber Security Council of Germany and the Internet Security Alliance, will discuss the findings of a […]


Posted on October 2, 2019 at 8:49 am

by Larry Clinton I expect virtually everyone who might be reading this blog knows that October is Cybersecurity Awareness month. But I doubt the total number of people in the Unites States who know October is “our” month rises above five figures. Of course, awareness that we have a cyber security problem is virtually unanimous. […]


Posted on October 1, 2019 at 10:24 am

by Larry Clinton I have opined in the past, somewhat tongue in cheek, that Cyber Security Awareness Month may be a bit outdated—is there really anyone unaware that we have a cyber security problem in 2019? Perhaps Cybersecurity understanding month is a bit timelier and more needed. However, in the spirit of the cyber season […]


Posted on September 30, 2019 at 1:43 pm

by Larry Clinton On Friday I was honored to provide the closing keynote speech at the Organization of American States’ (OAS) Cybersecurity Symposium in Santiago, Chile. The purpose of the event was to unveil and release the first Cyber-Risk Oversight Handbook for Corporate Boards targeted for the entire Latin American region. The Handbook is part […]

DHS Taking Steps in the Right Direction on Cyber Risk Management

Posted on August 12, 2019 at 11:03 am

by Larry Clinton Perhaps the one thing virtually everyone in the cybersecurity field agrees on is that, notwithstanding many laudable efforts, we are losing the fight to secure cyberspace. Illustrative of this reality, the Director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, Chris Krebs, has wisely commented we need a new […]

Mandatory Cybersecurity Training for Congress: What Kind of Training?

Posted on July 31, 2019 at 9:52 am

by Larry Clinton Last week, the bipartisan Select Committee on the Modernization of Congress issued a list of two dozen recommendations designed to “make Congress more reflective and responsive to the American people.” One recommendation stands out as particularly timely, visionary and practical: “Making cybersecurity training mandatory for Members.” Finally, a cybersecurity mandate that makes […]

Capital One Breach Highlights the Danger of Insider Threats

Posted on July 30, 2019 at 1:27 pm

by Josh Higgins When companies think about cybersecurity threats, they often think of a hacker in some far-off place using sneaky tactics to gain access to their systems. However, Capital One’s announcement Monday of a major data breach highlights another major, yet often overlooked, cyber threat: The insider. Similar to other cyber incidents, the newly […]