Key Takeaways Congressional House Republicans have introduced a proposal to make NIST responsible for cybersecurity audits across the government. The idea is flawed in many respects—most especially because asking NIST to do an audit is asking them to…
President Trump’s trip to Europe was not a complete failure — his speech in Poland struck me as reasonable and Presidential. But his meeting with Russian President Vladimir Putin and their discussion on cybersecurity was not a shining moment.…
I am a bit of an outlier in the cybersecurity community since I think that there are circumstances in which private actors ought to be allowed to more aggressively respond to intrusions on their systems (though I don’t go “full postal” on the issue).…
The failure of the government to provide adequate protection has led many cybersecurity analysts, scholars, and policymakers to suggest that there is a need for private-sector self-help. If the government is unable or unwilling to take or threaten…
Rumors had it that the Cybersecurity EO was contingent on resolving how to deal with IT technology development and innovation. Now that the innovation Executive Order is public, a revised Cyber EO is circulating. Here is the copy I received: Rumors…
Malicious cyber activity from other states and non-state actors shows no sign of abating anytime soon. Both the U.S. and India have been working on behavioral norms in cyber space—an effort that should be sustained. Bad actors, however, do not…
