Posted on September 8, 2023 at 5:00 am
In yesterdays’ post we praised the new national cybersecurity strategy for properly placing the harmonization of cybersecurity regulations as issue 1.1.1 in its new implementation plan. Streamlining regulations is one of the fastest, most efficient, and frankly easiest, ways to unleash significant amounts of scarce cybersecurity resources to more effective uses. We also criticized the […]
Posted on September 7, 2023 at 5:00 am
President Biden’s National Cybersecurity Strategy (NCS) and subsequent Implementation Plan (NCSIP) got off to a great first step by recognizing the need for cybersecurity harmonization as initiative 1.1.1. The Administration is properly prioritizing this initiative because addressing it will, comparatively quickly and effectively, enhance our nation’s cybersecurity by freeing up between 40%-70% (depending on the […]
Posted on September 6, 2023 at 9:59 am
Absent a few notable exceptions, traditional regulation has not worked to improve our cybersecurity. There are multiple reasons why it generally doesn’t improve security and is often actually counterproductive which we (ISA) describe in our recent book Fixing American Cybersecurity: Creating a Strategic Public Private Partnership (Georgetown University Press 2023) so, we won’t detail them […]
Posted on July 24, 2023 at 9:48 am
In science and public policy, a principal goal is to develop an elegant solution. Elegance is generally defined as the simplest statement that most completely solves the problem. The quintessential example of scientific elegance is Einstein’s explanation of the theory of relativity E=mc2. Beautiful. The Biden Administration has just released its proposal to address the […]
Posted on July 5, 2023 at 10:24 am
In an increasingly interconnected world, cybersecurity has become a paramount concern for governments, businesses, and individuals alike. The Government Accountability Office (GAO) recently published an article titled “Cybersecurity: Actions Needed to Address Challenges and Improve the Federal Government’s Management of Cybersecurity Risks,” shedding light on the critical issues facing our nation’s cybersecurity efforts. To address […]
Posted on June 28, 2023 at 11:16 am
BY LARRY CLINTON AND ANNA MISKELLY As the Pentagon’s Cybersecurity Maturity Model Certification (CMMC) program rulemaking looms over the defense industrial base (DIB), the Pentagon released a two-page fact sheet highlighting free services offered to companies to help reach compliance. Services such as Project Spectrum and the Blue Cyber Initiative focus on small businesses, targeting […]
Posted on June 23, 2023 at 11:12 am
By Larry Clinton and Sarah Harmon This past week, the House Armed Services Committee approved amendment language for the proposed 2024 National Defense Authorization Act (NDAA) to bolster our country’s cybersecurity and emerging technology programs next year. These changes aim to improve the U.S.’s ability to compete with China across several technology sectors, with a […]
Posted on May 26, 2023 at 11:04 am
It took Netflix two and a half years to reach 1 million users. Facebook did it in 10 months. Chat GPT did it 5 days. Just as the Internet fundamentally disrupted business plans a decade ago, so, too, is generative artificial intelligence now changing the world – only at a far accelerated pace. Management teams […]
Posted on May 11, 2023 at 5:34 pm
An analysis of the proposal to create a national, virtual, cybersecurity academy shows that creating the academy would not only solve the federal government’s cybersecurity workforce problem in less than 4 years but would create savings that allows the program to pay for itself – and even contribute to reducing the federal budget deficit. The […]
Posted on May 9, 2023 at 8:31 am
What could possibly be less sexy than setting technical standards? It’s a tough question, I’ll give you a minute. Maybe, writing about setting technical standards? But it’s one of those jobs that absolutely HAS to be done. Obviously, the technical standards are the building blocks of the digital world. If the standards are not done […]