Sign up to save your podcasts
Or
Share S4E19: Mark Montgomery - Securing the Digital Democracy
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
S4E19: Mark Montgomery - Securing the Digital Democracy
Nikki - What does cyber resiliency mean to you?
Nikki - Can you tell us a little bit more about the Cyberspace Solarium Commission or CSC, in particular I'm interested in the promotion of national resilience. Can you talk a little bit about what that means and what's in progress at the moment?
Chris - There's been a lot of activity lately with the Cyber EO, OMB Memos, activities by NIST, publications by CISA and of course the National Cyber Strategy. How do you feel about where we're headed as a nation on the Cyber front and do you think we could be doing more, and if so, what in particular?
Chris - I recently saw you made comments regarding Cloud Service Providers (CSP) and their lack of being designated as critical infrastructure I believe. I have seen similar comments from the OCND, due to how critical CSP's, especially major IaaS providers are to the nation. Why do you think they have avoided this designation as long as they have?
Nikki - There are a lot of us in cybersecurity that got into it to help defend our nation and protect our country (myself included). Are there ways that other cyber defenders or technical professionals can get involved or any resources you would recommend?
Nikki - I don't see a ton in legislature or in the Executive Order about the human element behind cybersecurity and our challenges with risk management. Do you foresee any legislation or anything that may come out around how to protect our users and even our security practitioners?
Chris - I mentioned the NCS earlier, a big part of that was shifting market forces, the idea of software liability and also safe harbor. What are your thoughts on this topic?
Chris - CISA recently released "Secure-by-Design/Default" guidance for software suppliers and manufacturers. I wrote an article recently tracing the advocacy for "secure by design" back 50 years to the Ware Report. Yet here we are, still advocating for the same concepts. What do you think it will take for this to become a requirement rather than a recommendation and how important is this paradigm shift for national security?
View all episodes
By Chris Hughes
4.9
1616 ratings
Nikki - What does cyber resiliency mean to you?
Nikki - Can you tell us a little bit more about the Cyberspace Solarium Commission or CSC, in particular I'm interested in the promotion of national resilience. Can you talk a little bit about what that means and what's in progress at the moment?
Chris - There's been a lot of activity lately with the Cyber EO, OMB Memos, activities by NIST, publications by CISA and of course the National Cyber Strategy. How do you feel about where we're headed as a nation on the Cyber front and do you think we could be doing more, and if so, what in particular?
Chris - I recently saw you made comments regarding Cloud Service Providers (CSP) and their lack of being designated as critical infrastructure I believe. I have seen similar comments from the OCND, due to how critical CSP's, especially major IaaS providers are to the nation. Why do you think they have avoided this designation as long as they have?
Nikki - There are a lot of us in cybersecurity that got into it to help defend our nation and protect our country (myself included). Are there ways that other cyber defenders or technical professionals can get involved or any resources you would recommend?
Nikki - I don't see a ton in legislature or in the Executive Order about the human element behind cybersecurity and our challenges with risk management. Do you foresee any legislation or anything that may come out around how to protect our users and even our security practitioners?
Chris - I mentioned the NCS earlier, a big part of that was shifting market forces, the idea of software liability and also safe harbor. What are your thoughts on this topic?
Chris - CISA recently released "Secure-by-Design/Default" guidance for software suppliers and manufacturers. I wrote an article recently tracing the advocacy for "secure by design" back 50 years to the Ware Report. Yet here we are, still advocating for the same concepts. What do you think it will take for this to become a requirement rather than a recommendation and how important is this paradigm shift for national security?
More shows like Resilient Cyber
View all
Risky Business
373 Listeners
RunAs Radio
83 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
653 Listeners
CyberWire Daily
1,021 Listeners
Cloud Security Podcast
57 Listeners
Cyber Security Headlines
139 Listeners
Entra.Chat
4 Listeners