Daily Cybersecurity Blog

INTERNET SECURITY ALLIANCE

MIT Research Documents Effectiveness of Consensus Cyber Risk Oversight Principles

November 17, 2022

Geneva, Switzerland/November 16/As the World Economic Forum’s annual Cybersecurity Summit concluded today research conducted by MIT Cybersecurity at MIT Sloan (MIT CAMS) found that the cyber risk oversight principles (consensus principles) developed by the Forum in conjunction with the Internet Security Alliance (ISA) and the National Association of Corporate Directors (NACD) “demonstrates that organizations that use the consensus principles can significantly improve their cyber resilience without raising costs.” The MIT research used a grounded control theory and system dynamics built on significant research in the field, including interviews with CISOs which has been validated over the years at a Fortune 500 company analyzing a wide range of cyber risk challenges. MIT CAMS used a

Recent Post

MIT Research Documents Effectiveness of Consensus Cyber Risk Oversight Principles

November 17, 2022 No Comments

Geneva, Switzerland/November 16/As the World Economic Forum’s annual Cybersecurity Summit concluded today research conducted by MIT Cybersecurity at MIT Sloan (MIT CAMS) found that the

As cyber attacks increase, here’s how CEOs can improve cyber resilience

November 17, 2022 1 Comment

Major Findings · The Cyber Risk Principles developed by the ISA, NACD and the World Economic Forum help drive cyber resilience across industries. · Simulation-aided

TOP TEN REASONS FOR A VIRTUAL CYBERSECURITY SERVICE ACADEMY (Part 1)

May 31, 2022 No Comments

In a series of recent posts, we have noted the time has come for us to create a national virtual cyber service academy, modeled on

THE CASE FOR A NATIONAL CYBERSECURITY ACADEMY, PART 2

May 31, 2022 No Comments

EXECUTIVE SUMMARY In our last post we made the case for a national, virtual, cybersecurity academy. In this post we will discuss the key points of

THE CASE FOR A NATIONAL CYBERSECURITY ACADEMY, PART 1: A NATIONAL DEFENSE IMPERATIVE

May 31, 2022 No Comments

We need to stop talking about the issue of cybersecurity workforce development. We need to properly frame the issue an imperative for national defense

IT IS TIME FOR A NATIONAL CYBER SERVICES ACADEMY

May 31, 2022 No Comments

Our service academies – West Point, Annapolis the Airforce and Merchant Marine Academies are the ultimate public private partnership. Government offers private citizens high quality

INGLIS PROPOSES CYBER SOCIAL CONTRACT: GREAT IDEA! NOW LET’S TALK TERMS

February 23, 2022 No Comments

By Larry Clinton In the latest edition of Foreign Affairs, the US Director for Cybersecurity, Chris Inglis and Harry Krejsa, propose that the government and

Regulation of Cybersecurity Has Been Tried and It Doesn’t Work

January 21, 2022 No Comments

By Larry Clinton The focus of the current series of posts is to suggest the need for new directions in cybersecurity policy. Put succinctly, it’s not

Playoffs Time: What Can Cyber Policymakers Learn from the NFL?

January 17, 2022 No Comments

This blog series began by asserting that in the new year, given the obvious ineffectiveness of our current cyber policies it’s time for policymakers to

New Year’s Cyber Resolution: Modernize Cyber Law Enforcement

January 14, 2022 No Comments

By Larry Clinton In this series of posts, we have been arguing that now is a time to rethink our efforts to create a sustainably

New Year’s Cyber Policy Resolution #1: Get Serious About Workforce Development

January 10, 2022 No Comments

By Larry Clinton Last week, we discussed that we needed to make a New Year’s resolution to start talking about things that really matter for

A NEW YEAR’S CYBER RESOLUTION: LET’S START TALKING ABOUT THINGS THAT REALLY MATTER

January 3, 2022 No Comments

By Larry Clinton, President and CEO, Internet Security Alliance I have to say I’m disappointed the language requiring more stringent timelines for reporting cyber events

GUEST BLOG: U.S. Acts against Huawei and ZTE, Allies Disadvantaged in Replicating “Rip and Replace”

September 2, 2021 No Comments

By Sarina Krantzler, ISA Research Associate “The greatest victory is that which requires no battle” – Sun Tzu, The Art of War In the previous

GUEST BLOG: China’s Digital Strategy Threatens U.S. National Security & Diplomatic Partnerships

August 31, 2021 No Comments

By Sarina Krantzler, ISA Research Associate This post is the first of two blogs concerning China’s Digital Strategy. “If you know the enemy and know

CYBERSECURITY: STAKEHOLDERS OR PARTNERS? RETURN ON REPORTING?

August 30, 2021 No Comments

This week the House Homeland Security Cyber Subcommittee will hold a hearing on one of the hottest legislative topics in the field entitled “Stakeholder Perspectives

Rethinking Ransomware: We Can Win If We Want To

June 29, 2021 No Comments

I’m sure everyone reading this blog knows that about 2 months ago, Colonial Pipeline was hit with a ransomware attack and paid $4.4 million dollars.

Rethinking Cyber Regulation Part II: Creating A Risk-Based Regulatory System

June 22, 2021 No Comments

In our previous post, we noted that the new National Cyber Director’s office, which is charged with coordinating federal cyber policy, ought to begin that effort by evaluating and coordinating current cyber regulation. We pointed to studies (including government studies) that showed from 40 to 70 percent of federal cyber regulation – including those imposed on states and localities – is redundant and/or conflicting, thus wasting scarce cyber resources.

INTERNET SECURITY ALLIANCE