POSSIBLE MARKET INCENTIVE PROGRAMS TO PROMOTE SECURITY BY DESIGN AND DEFAULT
Introduction by ISA President Larry Clinton Last week we discussed the foundational principles (LINK) and best practices (LINK) that can be followed to implement the Biden Administration’s Secure by Design and Default (SDD) proposal. In this third and final blog on SDD, we will dive into the most important part of any proposal: how to […]
HOW CORPORATE BOARDS LOOK AT ARTICIFIAL INTELLIGENCE AND CYBER SECURITY (Part II)?
AI is the new black, in two senses. First, AI is clearly the fashion of the day as AI week on/Capitol Hill has now turned into AI month and may well have an extended “season.” The other sense in which AI is the new black is that in many ways it is an ominous, and […]
HOW DO CORPORATE BOARDS LOOK AT ARTIFICIAL INTELLIGENCE AND CYBER SECURITY?
According to Politico it’s unofficial AI week on the Capitol Hill, as lawmakers in the House Oversight cyber subcommittee and the Senate Homeland Security and Governmental Affairs committee are capping off their first few days back by asking federal agencies: what are you doing with AI? A key element of Congressional oversight, as it is […]
HOW TO DO SECURITY BY DESIGN AND DEFAULT – 10 BEST PRACTICES
In yesterday’s blog, (LINK) we highlighted the Biden Administration’s positive step towards rebalancing the economics of cybersecurity. By shifting the narrative away from “blaming the victim” of cyberattacks, we are moving in the right direction to creating a market economy of products with cybersecurity embedded in their very design. However, this won’t be easy. For […]
STOP BLAMING THE VICTIM: 7 PRINCIPLES SECURE BY DESIGN & DEFAULT
Introduction by ISA President Larry Clinton The reality is that we are losing the fight to sustainably secure our cyber networks – and losing badly. This means we need to change the way we have been approaching the issue. That begins by stopping the blame game focusing on the victims of cyber-attack and beginning to […]
THE VIRTUAL CYBERSECURITY ACADEMY—FREE CYBERSECURITY FOR THE GOVERNMENT!
You read that right. By creating a national virtual cybersecurity academy we would fill the current 35,000 federal cybersecurity workforce gap in 4 years thus measurably enhancing our country’s security. Moreover, because academy graduates would replace the current independent contractors the government is hiring while receiving salaries equivalent to that of graduates of the traditional […]
CREATING A VIRTUAL CYBERSECURITY ACADEMY SHOULD BE OUR TOP PRIORITY
Introduction by ISA President Larry Clinton The federal government spends roughly $70 billion a year on our cybersecurity. The very first billion ought to go to funding a virtual cybersecurity academy. The reason, as we outlined in our previous post (read here), is that we are wasting much of the current $70 billion spent because […]
THE MOST IMPORTANT ISSUE IN CYBERSECURITY DOESN’T GET THE ATTENTION IT DEMANDS
What is the single most important public policy issue in cybersecurity? Hint: the answer is the same as if we asked what is the single greatest vulnerability to our cyber systems? It’s people. We don’t have nearly enough properly trained cybersecurity professionals. Current estimates are that we have 700,000 cybersecurity jobs we can’t fill (world-wide […]
OMB CAN QUICKLY STOP REDUNDENT WASTEFUL HARMFUL CYBER REGULATIONS
In yesterdays’ post we praised the new national cybersecurity strategy for properly placing the harmonization of cybersecurity regulations as issue 1.1.1 in its new implementation plan. Streamlining regulations is one of the fastest, most efficient, and frankly easiest, ways to unleash significant amounts of scarce cybersecurity resources to more effective uses. We also criticized the […]
BIDEN CYBER IMPLEMENTATION PLAN: GREAT FIRST STEP –STUMBLES ON SECOND STEP (PART 1)
President Biden’s National Cybersecurity Strategy (NCS) and subsequent Implementation Plan (NCSIP) got off to a great first step by recognizing the need for cybersecurity harmonization as initiative 1.1.1. The Administration is properly prioritizing this initiative because addressing it will, comparatively quickly and effectively, enhance our nation’s cybersecurity by freeing up between 40%-70% (depending on the […]
