Cyber Security Articles

The new Ransomware Protection Playbook, by Roger Grimes (Wiley) is a book that I suspect will be widely embraced by
Data Theorem has launched the industry’s first Active Protection including observability and runtime defense, delivering comprehensive security across modern application stacks including API,
This is a review of the second edition of Cyberspace in Peace and War, by Professor Martin Libicki of the
Ransomware is on the rise, up tenfold from 2020 to 2021. The amounts paid in ransom have also jumped up
by Sam Ingalls  Since the days of Hammurabi – nearly four thousand years ago – insurance has been a system
The latest volume in the MIT Press Essential Knowledge Series is Cybsecurity, by Duane C. Wilson. The book is being
These days, journalists face threats from hackers, some of whom work for powerful state actors, who may expose their private
Last month, the US Federal Trade Commission (FTC) voted unanimously to enforce laws regarding consumers’ “Right to Repair” their electronic
How corporations should deal with the increasing cyber threat - Enterprise Podcast Network - EPN Hugh Taylor is Executive Editor
Last month, troops various National Guard units conducted a large scale simulation of a major cyber breach knocking out utilities

Cyber Security Articles

What This Cyber Security Articles Page Is About

The goal of Journal of Cyber Policy is to provide commentary and stimulate conversations about important cyber security topics. Our parallel goal is to discuss cyber issues in plain English, liberating this critical subject from the exclusive realm of specialized engineers and hackers. Throughout, we try to talk about cyber security and related issues from the perspectives of public policy, national security, corporate policy and compliance.

 

Why Articles about Cyber Security Matter

We are living in an era where digital technology dominates so much of our lives. Digital risk naturally accompanies this reality. Smartphones, the IoT, the Internet and so forth make our lives easier, but they also expose us to threats. Some of these threats come from nation state actors. We believe Americans could be better-informed about these risks. And, while there’s certainly no lack of content online about cyberthreats, room still exists for cyber security articles that integrate the subject’s diverse themes of technology, politics and business.

For example, Russian disinformation and Chinese espionage are not new, but today’s digital landscape makes these familiar tactics deadly, in political terms. The Cold War was largely analog in nature, with offensive campaigns quite limited in scope and impact. While Cold War dynamics may survive today, they are having a radically different effect on American society and politics than anything that came before.

It can be tricky to tease out the differences between today and a generation ago. American politics and governance have always been messy, dishonest and idiotic, but there were at least some fact-based controls on it. This is no longer the case. Our enemies are exploiting this new reality. In some cases, they’ve created this new reality.

We see the impacts of these new measures, but leaders across the government and business sectors generally fail to understand the transformative nature of technology, e.g. Amazon is not just a bigger mail order store; the iPhone is not just a phone with fancy features, and so forth. These cognitive gaps lead to deficiencies in the perception of risk. They enable our leaders to underestimate our enemies and how they can win without firing a shot. We also tend to overestimate our defenses and resiliency.

The digitization of society, commerce and politics renders America defenseless in ways that we are only beginning to understand. Digital transformation is double edge. America’s rush to digitize its economy and society produces as much risk as it does benefits. For example, we have to manage the tensions between mobility and surveillance, between big data and privacy and so on.

The Topics We Cover in These Articles

We deal with a wide range of cyber security topics in these articles. Some discuss cyber election interference. Others look at geopolitical cyber risks, such as our recent series on Russian disinformation and “Active Measures.” We will frequently check in on the state of enterprise architecture and cloud computing, seeking expert insights into the best practices and new security technologies that are influencing security policies in these areas of information technology. We cover the gamut of security subjects: malware, phishing, identity and access management (IAM), privileged access management (PAM), zero trust, data security, application security, secure DevOps (DevSecOps), red-blue teaming, automation, Security Orchestration, Automation and Response (SOAR), threat monitoring, incident response, intrusion detection, encrypting, key management and on and on. Our cyber security articles look at compliance, government cybersecurity frames like NIST NSF, GDPR, CCPA and more.