KEY BIPARTISAN SENATORS BACK ISA INSPIRED PIVOTT ACT ON WORKFORCE DEVELOPMENT
Today Senator Mike Rounds, (R-ND) Chairman of the Senate Armed Services Subcommittee on cybersecurity and Member of the Senate Appropriations Committee and Senate Homeland Security ranking member Gary Peters (D-Mich.) are introducing the Senate version of the Cyber PIVOTT Act. This is the companion bill to the Act introduced in the House by Homeland Security Chair […]
WE SPEND $70 BILLION ON CYBERSECURITY WITH NO WAY TO ASSESS ITS EFFECTIVENESS
It’s difficult to get precise numbers on our non-defense cybersecurity spend (which is a problem in itself) but most estimates place the number between $65-70 billion annually. It’s debatable that even this number is adequate. China’s Digital Silk Road strategy is officially funded at $1.4 trillion over 5 years, or roughly 6 times the USA’s […]
THOUGHTS ON SECURITY BY DESIGN/DEFAULT FOR WORLD ECONOMIC FORUM
Larry Clinton’s opening statement Last week I was honored to attend the World Economic Forum’s annual cybersecurity conference and lead a session on the demystification of the economics of secured by demand/default (watch the introduction above). I want to thank, and congratulate, the Forum creating this session. This topic lies at the very essence of […]
WHITE HOUSE SHOULD LOOK TO BOARD’S GUIDENCE ON AI AND CYBERSECURITY – PART 2
The founder of the organization I am honored to lead was Dave McCurdy, the former Chair of the House Intelligence Committee. Based on his long career in government Dave liked to say, “government does two things well, nothing and over-react.” We are clearly, and rightfully, out of the” do-nothing” phase of government’s involvement in AI. […]
WHITE HOUSE SHOULD FOLLOW BOARD’S GUIDANCE ON NEW AI EXECUTIVE ORDER
Introduction by ISA President Larry Clinton There is tremendous anticipation regarding the imminent release of a sweeping new Executive Order (EO) on the use of Artificial Intelligence form the Biden White House (LINK). Although the EO holds potentially game-changing reach, it needs to be understood in the context that government is largely playing catch-up on […]
THE KEY TO UNDERSTANDING SYSTEMIC CYBER RISK IS MARKET PENETRATION
Introduction by ISA President Larry Clinton The SolarWinds’ Orion software attack – which occurred nearly three years ago — had devastating impact that organizations are still facing today. Recent reports estimate that government agencies and private organizations will spend $100 billion over the next few years investigating the incident and remediating the damage done in […]
COMMERCIAL ECONOMICS ARE INSUFFICIENT TO DEFEND CRITICAL INFRASTRUCTURE FROM CYBER ATTACKS
Introduction by ISA President Larry Clinton Critical Infrastructure in the United States is facing a substantial risk of cyber attacks at all times due to the imbalance of risk assessment between the public and private sectors. Until this disparity is mitigated, the United States will never be adequately protected on all sides from cyber attacks. […]
FOR THE CYBER PUBLIC-PRIVATE PARTNERSHIP TO WORK THE REGULATORY MODEL NEEDS TO BE REFORMED
Introduction by ISA President Larry Clinton Biden Administration’s National Cybersecurity Strategy (NCS) rightfully “recognizes that robust collaboration, particularly between the public and private sectors, is essential to securing cyberspace.” Unfortunately, this “essential” goal is undermined in the very same document. Alongside announcing plans to scale public-private partnerships, the Biden Administration also proposes a number of […]
DO CYBER REGULATIONS IMPROVE SECURITY? (SPOLIER ALERT: NO)
Introduction by ISA President Larry Clinton Many people new to the cybersecurity issue often suggest that what is needed is a strict regulatory model. However, as Richard Clarke and Robert Knake, two of the most experienced and well-respected experts in the field of cybersecurity, point out in their book The Fifth Domain, “There is a […]
CYBERSECURITY REGULATION: DOING THE SAME THING AND FAILING
Introduction by ISA President Larry Clinton Although Albert Einstein probably never said “The definition of insanity is doing the same thing over and over again and expecting a different result,” it’s still a pretty incisive comment that unfortunately applies to cybersecurity regulation. Our current cybersecurity process is insane. The fact is that the traditional cybersecurity […]
