In their 2019 book The Fifth Domain, Richard Clarke and Bob Knake note that the U.S. has basically not changed its cybersecurity approach since the Clinton Administration.
On May 11, the chairs and ranking members of seven congressional committees that have jurisdiction over cybersecurity wrote a joint letter to National Security Advisor Jake Sullivan stressing that “cybersecurity is no longer just an ‘IT issue’ but instead an economic and national security challenge.”
By now anyone who is reading this sort of blog is aware that the ransomware epidemic is totally out of control. Colonial just paid $5 million in Bitcoin to get their data (and our gas) released. But this is by no means an isolated event. Ransomware attacks have been proliferating both in number and size of ransom for a while. Earlier in May, former CISA Director Chris Krebs told the House Cybersecurity Subcommittee that we are on the cusp of a world-wide ransomware pandemic fueled by greed.
Cyberspace Solarium Commission co-chairs Sen. Angus King (I-ME) and Rep. Mike Gallagher (R-WI) said Monday that the Colonial Pipeline attack “underscores the vulnerability of our national critical infrastructure in cyberspace” and “the disruption is a clear example of the need to create a new social contract between the Federal government and systemically important critical infrastructure.”
Although the massive cyberattack on Colonial Pipeline is depriving the East Coast of energy and driving gas prices up, it ironically is adding fuel to
At a recent meeting of the IT Sector Coordinating Council, the U.S. Government’s new Chief Information Security Officer, Chris DeRusha, welcomed a question about the extent of redundant and conflicting cybersecurity regulations that keep both state and local governments and the private sector from efficiently addressing cyber threats. Mr. DeRusha told the Council that he has long been “passionate” about the need to streamline cybersecurity regulations, dating back to his days as the Chief Information Officer for the State of Michigan.
The U.S. Constitution clearly states that among government’s obligations are to “provide for the common defense and promote the general welfare.” However, it also states that the government is created by “we the people,” implying there is more than a hands-off responsibility for the private sector to help achieve these goals.
Numerous factors propel us to rethink our approach to cybersecurity, as this blog series maintains. Many of these thoughts revolve around the changing nature of the attackers themselves, with their greater size and sophistication. Other thoughts turn to the attack methods, as new vulnerabilities are discovered and exploited, or to the nature of the threat itself, as we move from assessing risk to entities to a greater focus on systemic risks.
We were delighted to see this week that the seventh annual Munich Security Conference – arguably one of the most prominent, if not the most prominent, events in the world – has adopted the theme of the ISA social media program – #RethinkCybersecurity – as the conference theme.
President Biden’s massive infrastructure proposal – dubbed infrastructure for the digital age – includes a wide variety of items not traditionally thought of as infrastructure such as home health care, as well as some items that are very much digital infrastructure such as $650 million for expanded broadband networks.
New Homeland Security Secretary Alejandro Mayorkas outlined his vision for cybersecurity at the Department of Homeland Security in a speech yesterday at Hampton College.
Although most of the ISA’s “Rethink Cybersecurity” campaign is targeted toward public policy, a rethinking at the corporate level is also required. This morning at