Mark Montgomery, Senior Director at the Foundation for the Defense of Democracies, is on a mission to advance cybersecurity strategies through CSC 2.0. He shares insights into the evolution of the NIST cybersecurity framework and its role in enhancing organizational governance. The discussion also highlights cybersecurity as a potential economic enabler in the UK, shifting perceptions from its traditional view as a roadblock. Montgomery addresses the urgent need for improved protections for critical infrastructure and the complexities surrounding encryption policies.

As 2023 comes to a close, host Alex Botting and Jen Ellis are joined by guests from Season 1 and experts from the Center for Cybersecurity Policy & Law to discuss their predictions for 2024. 🧠 What's next for AI?⚛ Will 2024 be the year of Quantum?🔑 Can we finally ditch Passwords? 🏷 Will Cyber Labels nudge consumers towards better security decisions?📜 Will Certifications and Self-Attestations raise the bar for enterprises?Episode Guest List:Brendan Dowling - Australian Ambassador for Cyber Affairs and Critical TechnologyIrfan Hemani - Deputy Director of Cyber Security Policy, UK Department for Science, Innovation and Technology‍Alison King - Vice President of Government Affairs, Forescout TechnologiesAri Schwartz - Managing Director of Cybersecurity Services, Venable LLP & Coordinator, Cybersecurity Coalition Jeremy Grant - Managing Director of Technology Business Strategy, Venable LLP & Coordinator, Better Identity CoalitionInés Jordan-Zoob - Program Manager, Cyber Security and Privacy, Venable LLPHeather West - Senior Director of Cybersecurity and Privacy Services, Venable LLP

In our latest episode, former U.S. National Cyber Director Kemba Walden joins Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law. The discussion includes Kemba’s reflections on her time at the Office of the National Cyber Director, and the multitude of major policy initiatives that she spearheaded - including the release of the updated U.S. National Cybersecurity Strategy, the associated Implementation Plan, the Cybersecurity Priorities for the Fiscal Year 2025 Budget, and the U.S. National Cyber Workforce and Education Strategy -  and all in just ten months of tenure. News:Australian Cyber Security Strategy ReleaseEU CRA Political Agreement ReachedInterview:Munich Security Conference 2023US National Cybersecurity Strategy US National Cybersecurity Strategy Implementation PlanBiden-Harris Administration’s Cybersecurity Priorities for the Fiscal Year 2025 BudgetUS National Cyber Workforce and Education Strategy Request for Information: Opportunities For and Obstacles To Harmonizing Cybersecurity RegulationsOffice of the National Cyber Director Requests Public Comment on Open-Source Software Security and Memory Safe Programming LanguagesRequest for Information on Open-Source Software Security: Areas of Long-Term Focus and PrioritizationLog4j Vulnerability Heartbleed BugTrivia:Belgian Whistleblower Law

In our latest episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by the Australian Ambassador for Cyber Affairs and Critical Technology, Brendan Dowling. In the conversation, Ambassador Dowling provides context on Australia’s numerous recent cyber policy developments, including the appointment of the inaugural Australian National Cyber Security Coordinator, the upcoming 2023-2030 Australian national cybersecurity strategy, and some of the lessons learned from the recent Medibank and Optus cyber incidents.  He also gives his optimistic perspective on where we are today and where we can get to in the coming years.News:UK’s AI Safety SummitBletchley DeclarationU.S. Executive Order on AI Heather West’s analysis of the AI EO International Counter Ransomware InitiativeRecent ransomware attack in GermanyInterview:Upcoming 2023-2030 Australian national cybersecurity strategy Appointment of the inaugural Australian National Cyber Security CoordinatorMedibank incidentOptus incident Trivia:Sarbanes-Oxley Act of 2002Chips and Science Act of 2022

In our latest episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Jason Gull, Senior Counsel in the Computer Crime and Intellectual Property Section (CCIPS) of the Justice Department’s Criminal Division. In the conversation, Jason sheds light on the evolution of the Digital Millennium Copyright Act, including the role of the Library of Congress in reviewing the law every three years. The 2024 review process is underway, and potential new or amended exemptions have been submitted. The Copyright Office is accepting comments and evidence, as detailed here.   In addition to the above, this week’s episode features Alex’s updates from Singapore International Cyber Week, and he also highlighted Singapore’s Cybersecurity Labeling Scheme for Medical Devices sandbox, which medical device manufacturers are invited to join. Jen covered some recent research from Lloyd’s on the potential cost and impact of a large scale cyber attack against payments systems. Our Mystery Trivia Master this week is the wonderful Megan Stifel, Chief Strategy Officer for the Institute for Security and Technology and Executive Director of the Ransomware Task Force. News Section:Singapore International Cyber Week 2023Singapore Cybersecurity Labeling Scheme for Medical Devices SandboxLloyd’s of London finds hypothetical cyberattack could cost world economy $3.5 trillionInterview Section:Computer Crime and Intellectual Property Section (CCIPS)Digital Millennium Copyright Act (DMCA)Ninth Triennial Section 1201 Proceeding, 2024 CycleCybercrime and the Law: Computer Fraud and Abuse Act (CFAA) and the 116th CongressComputer Fraud and Abuse Act (CFAA) Guidance from DOJNinth Triennial Section 1201 Proceeding, 2024 CycleTrivia Section:Comprehensive National Cybersecurity Initiative (CNSI)Archived White House Release of CNSI

In our latest episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Irfan Hemani, Deputy Director of Cyber Security Policy at the UK's Department for Science, Innovation, and Technology. In this role, Irfan is responsible for Cyber Resilience Policy for the UK's wider economy and society. The discussion focuses on how the UK currently approaches securing emerging technologies,  from both enterprise and consumer perspectivesNews Section:TSA Finalizing Cybersecurity Guidelines for Pipeline Operators and VendorsDeputy National Security Advisor provides details on ratings effort to determine security of pipeline, rail sectorsLATAM CISO Summit 2023Microsoft Digital Defense ReportInterview Section:Cyber Power IndexETSI EN 303 645 Cybersecurity Standard for Consumer IoT DevicesProduct Security and Telecommunications Infrastructure (PSTI) ActUK AI Safety SummitTrivia Section:Soviet Memorial Causes Rift between Estonia and RussiaThe Bronze Soldier Crisis of 2007: Revisiting an Early Case of Hybrid Conflict

In our latest episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by former U.S. Congressman Jim Langevin. Jim spent more than 22 years representing Rhode Island’s 2nd Congressional District in the U.S. House of Representatives. The discussion focuses on his enormous influence the development of U.S. congressional cyber policy.News Section:Clorox Cyberattack Brings Early Test of New SEC Cyber RulesAustralia to ‘Build Six Cyber Shields’International Criminal Court Will Now Prosecute Cyberwar CrimesInternational Criminal Court Hack Interview Section:Cyberspace Solarium Commission ReportLongtime Congressman James Langevin to serve as senior fellow at Brown’s Watson InstituteFormer Congressman James Langevin to serve as visiting scholar at URIElissa Slotkin to co-chair Congressional Cybersecurity Caucus ‘Cyber risk is business risk, and the SEC knows it’, Chris Inglis, Jim Langevin & Mark MontgomeryTrivia Section:NIST Cybersecurity FrameworkCR2 and NIST workshop: “A Cyber Framework Fit for Global Use: Cybersecurity Framework (CSF) 2.0”

Mieke Eoyang, the Deputy Assistant Secretary of Defense for Cyber Policy, offers an inside look at the 2023 DoD Cyber Strategy. She discusses the complexities surrounding international cybercrime treaties, highlighting the clash between democratic and authoritarian views. Insights from her DEF CON experience reveal how cybersecurity is reshaping military strategy, with a focus on the urgency of collaboration. Eoyang also dives into threat intelligence nuances in defense, emphasizing the challenges of rapid response versus control.

In this episode of Distilling Cyber Policy, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law sat down with Joshua Corman, co-founder of I Am The Cavalry, to learn more about the movement and its significant impact on the development of cybersecurity policy.  In addition to the above, this week’s episode features recent cyber policy developments from Japan, the U.K., and Bangladesh, as well as some tricky cryptography trivia. News Section:Chinese military hackers penetrated Japan’s most sensitive computer networksPolice Service of Northern Ireland (PSNI) BreachesNorfolk and Suffolk police: Victims and witnesses hit by data breachBangladesh proposes a new Cybersecurity LawInterview Section:I Am The Cavalry SiteOriginal Cavalry Launch video "The Cavalry Isn't Coming…10 Years Later Keynote "And together we crossed the river.. "Cavalry Track Day 1Cavalry Track Day 2Trivia Section:Skipjack

In this episode of Distilling Cyber Policy, hosts Alex Botting and Jen Ellis dive into the world of hacker conferences with guests Beau Woods and Harley Geiger. The discussion focuses on the importance of collaboration between the policy and security communities at these events, and the unique policy learning opportunities at the upcoming DEF CON, the world’s biggest hacker conference. News:Kenya Experiences Major Cyber AttackSEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public CompaniesDNI Haines Statement on the President’s Intent to Nominate Harry Coker Jr. as the National Cyber DirectorInterview:Beau WoodsHarley GeigerHacking Policy CouncilThe Hackers, the Lawyers, and the Defense Fund - Harley's Presentation at DEF CONPolicy @ DEF CONAI Village @ DEF CON 31Hacker Summer Camp Party ListTrivia: EFF Tech Trivia @ DEF CON 31Investigation Into Encrypted Phone Network Leads to 6,500 ArrestsIf you have a trivia question for Jen and Alex, email it to info@centerforcybersecuritypolicy.org!