Should Cybersecurity Leadership Finally be Professionalized?

April 29, 2024 at 11:27AM Professionalization for cybersecurity leadership is increasingly crucial due to the rising complexity of cyber threats. The expanded roles of CISOs create a need for personal protections and liability insurance. The resistance to formalizing cybersecurity as a profession stems from its dynamic nature and the varying resources available to professionals. Despite … Read more

Risk and Regulation: Preparing for the Era of Cybersecurity Compliance

March 21, 2024 at 09:45AM The text emphasizes the growing significance of cybersecurity risk management and the implementation of regulations to improve cybersecurity standards. It highlights the accountability of senior leaders, the challenges in achieving compliance, and the role of threat intelligence in managing cyber risk. Ultimately, it encourages a positive mindset towards cybersecurity compliance … Read more

Uncle Sam tells nosy nations to keep their hands off Americans’ personal data

February 28, 2024 at 05:27AM President Biden is set to sign an executive order preventing the transfer of Americans’ sensitive data to adversarial countries such as China and Russia. The White House plans to propose regulations prohibiting large data transfers to “countries of concern.” The rule will exempt routine commercial transactions and won’t come into … Read more

Federal Push for Secure-by-Design: What It Means for Developers

November 7, 2023 at 07:00AM Secure-by-design is becoming a regulatory requirement for critical infrastructure, as outlined in the March 2023 National Cybersecurity Strategy. The concept is important to the federal government, and it is expected to be enforced through an Executive Order. However, there is currently no universally agreed-upon definition or way to measure secure-by-design. … Read more

Can open source be saved from the EU’s Cyber Resilience Act?

October 13, 2023 at 10:49AM The European Union’s Cyber Resilience Act (CRA) is causing concern among the open source community. The Act, aimed at addressing cybersecurity issues, imposes strict regulations on software publishers, potentially hindering open source development. The open source community is advocating for more flexibility in the regulations and better understanding of how … Read more