Advancing Cyber

The Government Policy Pioneer: Richard A. ClarkeEpisode 1 of the Origin Stories begins with the founder ofmuch of our modern cybersecurity policy, Richard Clarke. Dick served in the White House for ten years under three different presidents. He is responsible for so much of our early cyber policy, developed the first national strategy to defend cyberspace, and has been an influential voice in global cybersecurity discussions for decades. He now leverages that knowledge as a bestselling author and as the founder and CEO of Good Harbor Security Risk Management. As the AI and quantum eras begin to define the next generation of critical infrastructure and cybersecurity policy, we go back to the very beginning of critical infrastructure protection and cybersecurity policy, looking back to advancecyber forward. The conversation starts here.This episode is available on Spotify, Apple Podcasts, and Advancing Cyber's new YouTube channel. Subscribe to stay current with all the episodes in the series – you won’t wantto miss them!

Cristin Flynn Goodwin dives into the world of DeepSeek, a Chinese AI company stirring up controversy with its cost-effective, powerful AI built on lower-power chips. Concerns about efficiency, privacy, and compliance with Chinese laws dominate the discussion. The podcast raises alarm about vulnerabilities reported to the Chinese government and how they could affect U.S. user data. Cristin posits that even if DeepSeek isn't a security powerhouse, it underscores the urgency for improved tech and policy safeguards for users.

Chris Hale, Senior Director for Cyber and National Security Law at Cisco, and Emily Lemaire, a Financial Services Regulatory Lawyer at Covington & Burling, delve into the implications of the EU's new cybersecurity regulations. They discuss the Digital Operational Resilience Act's stringent reporting timelines and how compliance is reshaping U.S. approaches. The duo examines whether short reporting requirements might amplify risks and consider how potential billion-dollar penalties influence organizational behavior. A thought-provoking conversation on navigating compliance in a rapidly evolving regulatory landscape!

Michael Daniel, President and CEO of the Cyber Threat Alliance and former U.S. Cybersecurity Coordinator, teams up with Sergio Caltagirone, a cybersecurity professor at Georgia Tech and co-creator of the Diamond Model of Intrusion Analysis. They delve into the evolution of information sharing in cybersecurity, contrasting today’s commercial threat intelligence landscape with past practices. Key discussions include the need for tailored intelligence approaches, new regulatory frameworks, and the challenges organizations face in effectively sharing actionable data amid rising cyber threats.

Natural disasters have been hitting the United States hard in 2024, and programs designed to help ensure telecommunications resiliency have been working well in the background to keep people connected and facilitate response. In this episode of Advancing Cyber, host Cristin Flynn Goodwin, joined by telecommunications policy expert Kathryn Condello and telecommunications and cybersecurity veteran Marcus Sachs, addresses a critical problem: what happens when cloud services are taken offline at such a scale that customers and sectors compete to decide who gets restored first? As cloud infrastructure increasingly underpins vital sectors—finance, healthcare, utilities, and government—the question isn’t whether disruptions will happen but how devastating the impacts will be when they do.   The discussion dives into the structural and regulatory vulnerabilities in current cloud frameworks that sit at the intersection of cybersecurity and telecommunications, evaluating whether an approach like the telecom sector’s Telecommunications Service Priority (TSP) regime can be adapted for rapid cloud restoration in times of crisis. As data centers carry multiple tenants with differing priorities, the panel explores the impact of the lack of regulation on cloud services in times of crisis, in the US and internationally.   This episode challenges cybersecurity policy and tech leaders to reassess how regulation, prioritization, and strategic partnerships must evolve as we recognize the cloud’s role in national security, emergency response, and national resilience.

Legal expert David Simon, policy leader Jason Healey, and technical expert Jesper Johanssen dive into the complex debate around artificial intelligence's role as critical infrastructure. They weigh the risks of AI-related cyber threats and discuss the urgent need for a structured AI Information Sharing and Analysis Center. The panel challenges existing definitions of critical infrastructure, evaluating whether current regulations can effectively address emerging AI vulnerabilities. Their insights prompt thoughtful questions about how prepared various sectors are for future AI incidents.

Join Jason Kikta, CISO at Automox, Jen Ellis of NextJen Security, and attorney Jessica Herrera-Flanigan as they dissect the fallout from the CrowdStrike incident and its implications for software liability. They discuss the urgent need for AI regulations to catch up with rapid technological advancements. Delve into the complexities of accountability in cybersecurity and the interplay between major political events and data breaches. Plus, uncover the dangers of disinformation, highlighting the recent Olympic misinformation and the pressing call for improved critical thinking.

Dive into the pressing issues of cybersecurity with insights from top experts. Discover how current incidents shape laws and public policies. Explore innovative technologies and their implications for business and society. Engage in proactive discussions that focus on what truly matters in the ever-evolving cyber landscape.