Addressing Concentration Risk in Federal IT

The Center conducted a multi-stakeholder tabletop exercise in April to explore a form of concentration risk where a single software, configuration, service, or hardware becomes dominant in an ecosystem.

The National Vulnerability Database with Kent Landfield and John Banghart (DCP S2 E4)

In our latest Distilling Cyber Policy podcast episode, our hosts are joined by John Banghart and Kent Landfield to discuss the latest developments and ongoing debate around the National Vulnerability Database.

Cyber Leaders Discuss a Common AI and Cyber Vision in LATAM

Industry, government, and civil society stakeholders from across Latin America, the EU, and U.S. convened in Colombia last month for a roundtable discussion "Towards a Common AI and Cyber Vision in LATAM," hosted by the Digi Americas Alliance.

Building Digital Solidarity: The New International Cyberspace and Digital Policy Strategy

U.S. State Department releases International Cyberspace & Digital Policy Strategy, building off the U.S. National Cybersecurity Strategy.

Event Recap - Advancing Risk Management: Cybersecurity, Privacy and AI

The CCPL hosted a half-day event during the RSA Conference in San Francisco featuring speakers from the NIST and the NCCoE to talk about the Cybersecurity, Privacy, and AI risk management frameworks.

CISA Promotes Secure by Design Principles with Industry Pledge

CISA announced its “Secure by Design Pledge,” a voluntary commitment by software manufacturers to work towards implementing several cybersecurity best practices.

CISA in the Driver’s Seat Over Critical Infrastructure

The Biden Administration released a new National Security Memorandum that aims to strengthen the U.S. critical infrastructure.

Is it Time for Mandatory Multifactor Authentication?

In the wake of the Change Healthcare breach – caused by compromised credentials and no multifactor authentication (MFA) on a remote access server – is it time for government to mandate MFA for critical infrastructure organizations?

Center for Cybersecurity Policy and Law Launches Fellowship Program with Two Inaugural Cybersecurity Fellows

Donna Dodson and Mark Bohannon have been named the inaugural fellows for Center for Cybersecurity Policy and Law.

The UK PSTI Act Comes into Effect

The UK’s Product Security and Telecoms Infrastructure Act comes into effect today and If you are doing business in the UK and are a manufacturer or retailer of consumer smart products find out the implications.