New Year’s Cyber Resolution: Modernize Cyber Law Enforcement
By Larry Clinton In this series of posts, we have been arguing that now is a time to rethink our efforts to create a sustainably secure cyber ecosystem. The core notion of this rethinking would be to, finally, begin focusing more on programmatic changes that will truly impact the security of cyberspace, as opposed to the […]
New Year’s Cyber Policy Resolution #1: Get Serious About Workforce Development
By Larry Clinton Last week, we discussed that we needed to make a New Year’s resolution to start talking about things that really matter for cybersecurity. One area that really matters if we’re serious about improving our cybersecurity is addressing the current workforce shortage. We can never create an adequately secure our cyber systems unless […]
A NEW YEAR’S CYBER RESOLUTION: LET’S START TALKING ABOUT THINGS THAT REALLY MATTER
By Larry Clinton, President and CEO, Internet Security Alliance I have to say I’m disappointed the language requiring more stringent timelines for reporting cyber events to the government didn’t make it into the National Defense Authorization Act (NDAA). I’m not disappointed because I have strong feelings one way or another about that provision – to […]
The Coronavirus Pandemic Has Created Novel Cybersecurity Challenges — But It May Also Give Us a Solution to the Cybersecurity Workforce Problem
By Josh Higgins, Senior Director of Policy and Communications The COVID-19 pandemic has created many new challenges for companies — such as managing a remote workforce, adopting new suppliers and cloud services, and a vastly expanded cyber-threat landscape — as the world works to maintain productivity through primarily virtual means. However, despite all these new […]
Coronavirus Creates New Insider Cyber Threat and How to Treat It
Instantaneous, Unplanned, Digital Transformation Creates Massive Cyber Risk By Larry Clinton Insiders are generally identified as the locus of about half of successful cyber-attacks. The 2020 edition of the Cyber-Risk Oversight Handbook published by the National Association of Corporate Directors (NACD) and the Internet Security Alliance (ISA) last month (available free of charge here). identifies the […]
ISA Board of Directors Offers Cybersecurity Best Practices for COVID-19 Crisis
The outbreak of coronavirus globally has created a new reality vastly increasing how much business is done online: While this new virtual reality is essential to sustaining business during the pandemic, it is critical that corporate boards are also aware of the increased cybersecurity threat from this intensified, and often unplanned, utilization of technology. As […]
Top Ten Reasons Why Cybersecurity Is Like Coronavirus
By Larry Clinton I’m not saying cybersecurity and the coronavirus are exactly the same. The defining characteristic of the cyber threat is that we have conscious and deliberate actor’s carefully crafting attacks. The coronavirus has no conscience, no plan. At the same time, notwithstanding differences, these domains are both attacks on our cultures, and when […]
Cyber Principle Two for Boards: Know Your Legal Obligations
This is the second in a series of blogs distilling the cybersecurity advice for boards of directors contained in the new Cyber-Risk Oversight 2020 Handbook published by the National Association of Corporate Directors and the Internet Security Alliance. By Larry Clinton In 2015, ISA, along with Georgia Tech, the New York Stock Exchange, and Palo […]
The First Principle of Cybersecurity — It’s Not an “IT” Issue
By Larry Clinton At last week’s RSA Conference, the National Association of Corporate Directors (NACD) in partnership with the ISA published Cyber Risk Oversight 2020: Key Principles and Practical Guidance for Corporate Boards. This is the third in a series of cyber-risk handbooks ISA and NACD have partnered on since 2014, and like the previous […]
WHAT I HEARD AT THE G-20 CYBERSECURITY DIALOGUE THIS WEEK
WHAT I HEARD AT THE G-20 CYBERSECURITY DIALOGUE THIS WEEK This week I was honored to be one of the 17 outside experts (3 Americans including myself) asked to address the official G-20 Cybersecurity Dialogue in Riyadh, Saudi Arabia. This meeting was designed to assist the G-20 Digital Economic agenda for this fall’s full G-20 […]
