VIRTUAL CYBER ACADEMY WOULD SOLVE WORKFORCE ISSUE AND HELP REDUCE THE DEFICIT
An analysis of the proposal to create a national, virtual, cybersecurity academy shows that creating the academy would not only solve the federal government’s cybersecurity workforce problem in less than 4 years but would create savings that allows the program to pay for itself – and even contribute to reducing the federal budget deficit. The […]
CHINA BEATING US ON TECH STANDARDS – BIDEN NATIONAL STRATEGY NEEDED
What could possibly be less sexy than setting technical standards? It’s a tough question, I’ll give you a minute. Maybe, writing about setting technical standards? But it’s one of those jobs that absolutely HAS to be done. Obviously, the technical standards are the building blocks of the digital world. If the standards are not done […]
RSA REPORT ON SECURE BY DESIGN — WE NEED AN HOV LANE
One of the many activities at RSA this week has been a series of meetings on how exactly CISA can implement the big idea in the Biden Administration’s new national cybersecurity strategy, shifting the focus on cyber from the user to the providers of cyber technology. Much of the talk around the new strategy has […]
WHAT IS BEST FOR SEC ON CYBER? OLD STYLE REGS OR NACD MODEL?
To begin with, we know the cyber risk oversight model described in the NACD-ISA Cyber Risk Handbook actually enhances cybersecurity. We also know there is no proof the SEC proposed regulations, which have already been tried in multiple venues, will enhance cybersecurity or protect investors. In fact, the NACD-ISA handbook is the only set of […]
INDEPENDENT REVIEW OF FIXING AMERICAN CYBERSECURITY
A Review of Fixing American Cybersecurity, Edited by Larry Clinton and Foreword by Kiersten Todt This entry was posted in Book ReviewCybersecurity on March 30, 2023 by Steven Bowcut In an era of growing cyber threats and increasing data breaches, the need for robust cybersecurity measures has never been greater. Against this backdrop, Larry Clinton’s new book, “Fixing American Cybersecurity: Creating […]
SEC NEEDS A CYBER MODEL THAT WORKS
Writing in the February edition of Foreign Affairs CISA Director Jen Easterly called for “a new model” for cybersecurity. A month later President Biden released a new national strategy for cybersecurity which he said would “realign incentives in favor of long-term investment. When releasing the new strategy acting WH Director for Cybersecurity Kemba Waldon said, […]
The SEC: The Elephant in the New National Cyber Strategy
The Biden Administration’s new National Cybersecurity Strategy is an important first step toward improving our nation’s cybersecurity. This strategy, unlike the numerous others that have been unveiled over the past 20 years, adopts ISA’s core argument that we cannot create a sustainably secure cyber system until we rebalance the incentives for cyber-attacks. ISA is not […]
FIRST DO NO HARM: THE MANTRA FOR NEW CYBER REGULATION
The traditional regulatory model – when applied to cybersecurity – is actually anti-security. For all the discussion around the Biden Administration’s new cyber strategy generating new regulations, this one simple fact remains. There is no evidence the cyber regs are working. The real question is not so much how much new regulations there ought to […]
WHY CYBER REGULATIONS IN NATIONAL STRATEGY MAY NOT WORK
The new National Cybersecurity Strategy released last week calls for intensified federal regulation on IT providers, while presumably shifting regulatory focus away from technology users (we will see what the regulatory agencies and the SEC has to say about that last part). The strategy asserts “regulation can level the playing field enabling healthy competition without […]
THREE QUICK STEPS TO IMPLEMENT THE NATIONAL CYBER STRATEGY (NOT WHAT YOU THINK)
There are probably various government agencies where regulators have already sharpened their virtual pencils preparing to write up some new regulations go along with the new National cybersecurity strategy released yesterday. Please put down your pens. That is not where implementation of the new strategy needs to begin. While much of the conversation about the […]
