What This Cyber Security Articles Page Is About
The goal of Journal of Cyber Policy is to provide commentary and stimulate conversations about important cyber security topics. Our parallel goal is to discuss cyber issues in plain English, liberating this critical subject from the exclusive realm of specialized engineers and hackers. Throughout, we try to talk about cyber security and related issues from the perspectives of public policy, national security, corporate policy and compliance.
Why Articles about Cyber Security Matter
We are living in an era where digital technology dominates so much of our lives. Digital risk naturally accompanies this reality. Smartphones, the IoT, the Internet and so forth make our lives easier, but they also expose us to threats. Some of these threats come from nation state actors. We believe Americans could be better-informed about these risks. And, while there’s certainly no lack of content online about cyberthreats, room still exists for cyber security articles that integrate the subject’s diverse themes of technology, politics and business.
For example, Russian disinformation and Chinese espionage are not new, but today’s digital landscape makes these familiar tactics deadly, in political terms. The Cold War was largely analog in nature, with offensive campaigns quite limited in scope and impact. While Cold War dynamics may survive today, they are having a radically different effect on American society and politics than anything that came before.
It can be tricky to tease out the differences between today and a generation ago. American politics and governance have always been messy, dishonest and idiotic, but there were at least some fact-based controls on it. This is no longer the case. Our enemies are exploiting this new reality. In some cases, they’ve created this new reality.
We see the impacts of these new measures, but leaders across the government and business sectors generally fail to understand the transformative nature of technology, e.g. Amazon is not just a bigger mail order store; the iPhone is not just a phone with fancy features, and so forth. These cognitive gaps lead to deficiencies in the perception of risk. They enable our leaders to underestimate our enemies and how they can win without firing a shot. We also tend to overestimate our defenses and resiliency.
The digitization of society, commerce and politics renders America defenseless in ways that we are only beginning to understand. Digital transformation is double edge. America’s rush to digitize its economy and society produces as much risk as it does benefits. For example, we have to manage the tensions between mobility and surveillance, between big data and privacy and so on.
The Topics We Cover in These Articles
We deal with a wide range of cyber security topics in these articles. Some discuss cyber election interference. Others look at geopolitical cyber risks, such as our recent series on Russian disinformation and “Active Measures.” We will frequently check in on the state of enterprise architecture and cloud computing, seeking expert insights into the best practices and new security technologies that are influencing security policies in these areas of information technology. We cover the gamut of security subjects: malware, phishing, identity and access management (IAM), privileged access management (PAM), zero trust, data security, application security, secure DevOps (DevSecOps), red-blue teaming, automation, Security Orchestration, Automation and Response (SOAR), threat monitoring, incident response, intrusion detection, encrypting, key management and on and on. Our cyber security articles look at compliance, government cybersecurity frames like NIST NSF, GDPR, CCPA and more.