DO CYBER REGULATIONS IMPROVE SECURITY? (SPOILER ALERT: NO)

Introduction by ISA President Larry Clinton Many people new to the cybersecurity issue often suggest that what is needed is a strict regulatory model.  However, as Richard Clarke and Robert Knake, two of the most experienced and well-respected experts in the field of cybersecurity, point out in their book The Fifth Domain, “There is a […]

CYBERSECURITY REGULATION: DOING THE SAME THING AND FAILING  

Introduction by ISA President Larry Clinton Although Albert Einstein probably never said “The definition of insanity is doing the same thing over and over again and expecting a different result,” it’s still a pretty incisive comment that unfortunately applies to cybersecurity regulation. Our current cybersecurity process is insane.  The fact is that the traditional cybersecurity […]

LESSONS PRIVATE SECTOR CAN TEACH THE GOVERNMENT ON FIGHTING CYBERCRIME

Introduction by Larry Clinton As we have documented in past blogs (LINK, LINK), we are fighting an uphill battle against increasingly sophisticated cybercriminals. In fact, the new national strategy to secure cyberspace essentially says that only the most sophisticated private companies have any hope of preventing cyber-attacks. This means we must increasingly rely on our […]

ONE WAY TO GET CYBERCRIMINALS TO FUND LAW ENFORCEMENT

Introduction by Larry Clinton As we explained in previous blogs (LINK), cybercrime is at an all-time high – and there are no signs that it is slowing down. Economic losses from cybercrime are estimated to be as much as $2 trillion annually—and increasing to as much as $10.5 trillion by 2025 – 10 trillion is […]

WHAT CAN PINK DO FOR CYBER? 

Introduction by Larry Clinton I expect virtually everyone who might be reading this blog knows that October is Cybersecurity Awareness Month. But I doubt the total number of people in the United States who know October is “our” month rises above five figures. Of course, awareness that we have a cyber security problem is virtually […]

TIME TO MODERNIZE THE MILITARY’S ROLE IN CYBER CRIME DEFENSE  

The release of the Department of Defense’s (DOD) 2023 Cyber Strategy could not have come at a better time. The first DOD Cyber Strategy since 2018, it shows the DOD recognizes the scale of the cyberthreats facing our nation and is looking to build a forward-facing posture in our nation’s cyber defense. The digital age […]

POSSIBLE MARKET INCENTIVE PROGRAMS TO PROMOTE SECURITY BY DESIGN AND DEFAULT

Introduction by ISA President Larry Clinton Last week we discussed the foundational principles (LINK) and best practices (LINK) that can be followed to implement the Biden Administration’s Secure by Design and Default (SDD) proposal. In this third and final blog on SDD, we will dive into the most important part of any proposal: how to […]

HOW DO CORPORATE BOARDS LOOK AT ARTIFICIAL INTELLIGENCE AND CYBER SECURITY?

According to Politico, it’s unofficial AI week on Capitol Hill, as lawmakers in the House Oversight cyber subcommittee and the Senate Homeland Security and Governmental Affairs committee are capping off their first few days back by asking federal agencies: what are you doing with AI? A key element of Congressional oversight, as it is […]

HOW TO DO SECURITY BY DESIGN AND DEFAULT – 10 BEST PRACTICES  

In yesterday’s blog (LINK), we highlighted the Biden Administration’s positive step towards rebalancing the economics of cybersecurity. By shifting the narrative away from “blaming the victim” of cyberattacks, we are moving in the right direction toward creating a market economy of products with cybersecurity embedded in their very design. However, this won’t be easy. For […]