Last week I attended the U.S. Military Academy’s 55th annual senior leader conference at West Point to talk about the future of digital risk and cybersecurity. The conference was focused on the future of security in the Indo-Pacific region and brought together leaders from the across the United States to deliberate about the future. I’d not been to West Point since I was a kid and after serving for seven years in the Defense Department it felt like coming home. I also got in a few runs on the Hudson River by the campus – something I’d recommend any runner do. The fog rolled in over the river, up the parapets, and onto the green riverbeds and fields adjacent to the water. It reminded me of running in England’s Lakes District almost fifteen years ago.Read more »
Oftentimes, it is said, we fight the last war. It happens when strategists fail to account for changes in the security environment, like the birth of the machine gun, the tank, or the improvised explosive device – technological innovations that altered how conflicts unfold.
Today in cybersecurity, organizations are still overly focused on securing the perimeter – on keeping intruders out of a network. While perimeter defense is a key part of the total security stack, it is not sufficient for effective cybersecurity.Read more »
It was a rich week at RSA Conference 2019, the nerd prom of the cybersecurity world. Thousands descended on San Francisco’s Moscone Center from all over the world. They came, they saw, they cyber-conquered. On my side, I joined Dr. Chase Cunningham for a discussion at Illumio’s customer dinner; attended the U.S.-Australia track 1.5 dialogue with representatives from the two countries’ governments and industry; listened to General Paul Nakasone (U.S. Army), the Commander of U.S. Cyber Command and the Director of the NSA, address the masses at RSAC; and met with colleagues from the national security community I’d not seen since leaving D.C. in 2015. It was a great week.
Here are a few of my takeaways:Read more »
This article was originally published on todayonline.com.
The SingHealth breach last year shocked the Singaporean public. It is the worst cyber attack to hit Singapore. Yet it is only the latest in an escalating trend of dangerous attacks on global power centres.
Today nation-state and non-state attackers steal, destroy, and manipulate data in and through cyber space. Adversaries flourish in the "grey space" below the level of outright conflict and appear undeterred in pursuing their goals.Read more »
Last week I testified in front of the Canadian House of Commons Committee on Public Safety and National Security about cybersecurity risk and national security planning. I was invited to testify by The Honorable Pierre Paul-Hus, Member of Parliament representing the riding of Charlesbourg—Haute-Saint-Charles in Quebec and Vice-Chairman of the Committee. My written submission to the committee, "Defend Forward and Assume Breach: Preparing Canada for a Cyberresilient Future," is available here.
Below are four questions from members of parliament that kept me on my toes, along with video of my responses.Read more »