Cyber Security Articles

The need to spot unknown threats is one of the great challenges in cybersecurity. Traditional anti-virus and anti-malware tools struggle
The business case for data security due diligence during mergers and acquisitions By Brian Vecci, Field CTO, Varonis The Marriott
“This tape will self-destruct in 5 seconds…” As an anxious child with ADHD in the 1970s, I always worried that
Innovations in computing tend to create new, bigger vulnerabilities. The excitement that greets the innovation also blinds people to expanded
I spoke recently with Srini Subramanian, a principal in Deloitte & Touche LLP’s Cyber Risk Services practice. He leads cyber for the
A few months ago, a friend suggested I donate money to Planned Parenthood in honor of a particular politician who
From NordVPN: Digital privacy expert discusses how easy it is to hack into voting machines   October 29, 2019. With
One of our key editorial principles at Journal of Cyber Policy is to nerd out a little, but not so
When the US Air Force was preparing to launch its cloud-based Common Computing Environment (USAF CCE), they realized that their
The surface story is bad enough. Election hacking was a problem in 2016, but many states governments were not told

Cyber Security Articles

What This Cyber Security Articles Page Is About

The goal of Journal of Cyber Policy is to provide commentary and stimulate conversations about important cyber security topics. Our parallel goal is to discuss cyber issues in plain English, liberating this critical subject from the exclusive realm of specialized engineers and hackers. Throughout, we try to talk about cyber security and related issues from the perspectives of public policy, national security, corporate policy and compliance.

 

Why Articles about Cyber Security Matter

We are living in an era where digital technology dominates so much of our lives. Digital risk naturally accompanies this reality. Smartphones, the IoT, the Internet and so forth make our lives easier, but they also expose us to threats. Some of these threats come from nation state actors. We believe Americans could be better-informed about these risks. And, while there’s certainly no lack of content online about cyberthreats, room still exists for cyber security articles that integrate the subject’s diverse themes of technology, politics and business.

For example, Russian disinformation and Chinese espionage are not new, but today’s digital landscape makes these familiar tactics deadly, in political terms. The Cold War was largely analog in nature, with offensive campaigns quite limited in scope and impact. While Cold War dynamics may survive today, they are having a radically different effect on American society and politics than anything that came before.

It can be tricky to tease out the differences between today and a generation ago. American politics and governance have always been messy, dishonest and idiotic, but there were at least some fact-based controls on it. This is no longer the case. Our enemies are exploiting this new reality. In some cases, they’ve created this new reality.

We see the impacts of these new measures, but leaders across the government and business sectors generally fail to understand the transformative nature of technology, e.g. Amazon is not just a bigger mail order store; the iPhone is not just a phone with fancy features, and so forth. These cognitive gaps lead to deficiencies in the perception of risk. They enable our leaders to underestimate our enemies and how they can win without firing a shot. We also tend to overestimate our defenses and resiliency.

The digitization of society, commerce and politics renders America defenseless in ways that we are only beginning to understand. Digital transformation is double edge. America’s rush to digitize its economy and society produces as much risk as it does benefits. For example, we have to manage the tensions between mobility and surveillance, between big data and privacy and so on.

The Topics We Cover in These Articles

We deal with a wide range of cyber security topics in these articles. Some discuss cyber election interference. Others look at geopolitical cyber risks, such as our recent series on Russian disinformation and “Active Measures.” We will frequently check in on the state of enterprise architecture and cloud computing, seeking expert insights into the best practices and new security technologies that are influencing security policies in these areas of information technology. We cover the gamut of security subjects: malware, phishing, identity and access management (IAM), privileged access management (PAM), zero trust, data security, application security, secure DevOps (DevSecOps), red-blue teaming, automation, Security Orchestration, Automation and Response (SOAR), threat monitoring, incident response, intrusion detection, encrypting, key management and on and on. Our cyber security articles look at compliance, government cybersecurity frames like NIST NSF, GDPR, CCPA and more.