Cyber Threats

Publications

, Government Matters
Addressing security risks with smart devices
Brandon Pugh

From Government Matters:

Brandon Pugh, resident senior fellow at the R Street Institute, discusses security and privacy risks with consumer smart devices and how to better inform consumers of…

Request for Information on the Cyber Incident Reporting for Critical Infrastructure Act of 2022
Ayan Islam

November 14, 2022

Cybersecurity and Infrastructure Security Agency (CISA)
1110 N. Glebe Road
Arlington, VA 22201

Re: Request for Information on the Cyber Incident Reporting for Critical…

, Inside Cybersecurity
CISA hears from business, pipeline groups on considerations for upcoming reporting regime
Ayan Islam

From Inside Cybersecurity:

Two large associations urged CISA to set a high bar for incidents that should be reported and called for bidirectional information sharing at the agency’s…

, Axios
1 big thing: Making Cybersecurity Awareness Month better
Brandon Pugh

From Axios:

The big picture: Every October, the Cybersecurity and Infrastructure Security Agency and the National Cybersecurity Alliance host Cybersecurity Awareness Month to educate individuals…

, Cybersecurity Dive
CISA orders federal IT overhaul with automated asset inventory, software scanning
Ayan Islam

From Cybersecurity Dive:

The Biden administration has taken major steps in recent months to implement parts of the president’s May 2021 Executive Order, which was enacted after the SolarWinds…

, RSA Conference
Leveraging Crowd-Forecasting to Improve Our Understanding of Cybersecurity
Mary Brooks & Paul Rosenzweig

From RSA Conference:

Can we crowdsource our way toward a better cybersecurity industry? While prediction platforms are growing in popularity, there is not yet one focused on predicting events in…

, Lawfare
Last Call at the “Star Wars Bar”: Harmonizing Incident and Breach Reporting Requirements
Mary Brooks & Sofia Lesmes

In an interview last month, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), acknowledged the challenges that the U.S. government’s complex patchwork of cyber…

One Year On: Biden’s executive order on cybersecurity is trying to make federal networks suck less
Mary Brooks

How do you measure the success of a cybersecurity executive order?
In deadlines issued—and made or missed? In new strategies, revised frameworks and new guidelines drafted? In an overall sense of…

, Inside Cybersecurity
Former stock-exchange security leader praises SEC proposal on cyber incident reporting
Mary Brooks

From Inside Cybersecurity:

The R Street Institute also submitted comments ahead of today’s deadline. The institute is “a nonprofit, nonpartisan, public policy research organization. Our mission…

, Defense News
Ukraine conflict heightens US military’s data privacy vulnerabilities
Brandon Pugh

Amid the artillery strikes and armored assaults, several quieter aspects of Russia’s invasion of Ukraine require closer attention, including targeted phishing and malicious data mining.
Russian…

Secured By miniOrange