The Forum at RSA Conference

This year’s RSA Conference continues the long string of high-powered speakers from both the private and the public sector. While there are great keynotes and more than 500 track sessions, we discovered we needed more! Five years ago, many senior government officials were looking for a platform from which they could communicate what they…

Beginning the Journey to Cybersecurity Maturity

RSA just released results of our second annual RSA Cybersecurity Poverty Index. We’re really excited about the results, but it may not be for the reasons you think. We’re excited because of the number of respondents (more than double the 2015 Index), the breadth of industries and governments represented, and the amount of time organizations…

Pervasive network visibility: driving the Federal security mission

Reports over the last year about catastrophic cyber breaches to Federal IT systems have been so frequent that we have been somewhat numbed to them. We have come to an almost dazed acceptance that our adversaries will continue to access and obtain highly sensitive information – on Federal employees, their families, the public, our marketplace,…

Applauding the President’s Cybersecurity National Action Plan

“The Cybersecurity industry is fundamentally broken… and the problem is not technology, but mindset.” These recent remarks by RSA President Amit Yoran have been echoed around the country and in the halls of government in the wake of serious breaches to the Federal government. From last year’s OPM breach, to last week’s breaches impacting DHS…

Looking Behind to Move Forward

In my recent travels around the world, I’ve met with government officials and key critical infrastructure decision-makers. Defining the steps to create a more effective and secure environment is almost always Topic A on their list. This is important to the end users – information, operations, services, responsibilities of many kinds, etc. As it almost…

Securing the Federal Government Requires a Strong Authentication Strategy

On August 27, 2004, the US Department of Homeland Security issued Homeland Security Presidential Directive 12 (HSPD-12): “Policy for a Common Identification Standard for Federal Employees and Contractors.” Also, in 2004, pagers were a $6 billion industry, the iPhone was still 3 years away from existing, and “cloud” (except to a small few) referred exclusively to…

RSA’s Cybersecurity Poverty Index Indicates Organizations Worldwide Need a ‘New Deal’ for IT Security

According to the Oxford English Dictionary, the word ‘Cybersecurity’ was first used in 1989. For the past 26 years, cybersecurity teams in governments, and organizations of all kinds in the private sector, have been engaged against determined adversaries. As the war drags on, one clear trend is emerging: we’re losing many battles for lack of…

Is Obama’s Latest Executive Order Enough?

Recently, former Director of National Intelligence, Mike McConnell made headlines when he stated that a foreign government had hacked into most major US corporations seeking to steal valuable secrets. While both provocative and dire, this statement is not a new observation. Former Federal cyber leader Richard Clarke made a similar statement in 2012. Other senior…

Will Obama’s Cybersecurity Executive Order Make a Difference?

We continue to live in a world that is exciting with new technology, easy to use, and yet allows all of us to be more effective and efficient in our business and personal lives. Yet this very ease of use of technology puts all of us at risk. President Obama and many in government and…

Veterans Day and Cybersecurity

As Veterans’ Day approaches, I have a couple of thoughts. First, I’m thankful for all of the sacrifices our Veterans have made, that in so many ways it is difficult for many to understand or even discuss. But I also want to thank all of the families and friends who through good and bad have…