Insights & Research

Security

CISA Promotes Secure by Design Principles with Industry Pledge

CISA announced its “Secure by Design Pledge,” a voluntary commitment by software manufacturers to work towards implementing several cybersecurity best practices.

Center for Cybersecurity Policy and Law Launches Fellowship Program with Two Inaugural Cybersecurity Fellows

Donna Dodson and Mark Bohannon have been named the inaugural fellows for Center for Cybersecurity Policy and Law.

Cyberspace Solarium Commission 2.0 with Mark Montgomery (DCP S2 E1)

In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Mark Montgomery, Senior Director and Senior Fellow at the Foundation for the Defense of Democracies.

Cybersecurity Coalition Announces CyberNext Brussels

The Cybersecurity Coalition has announced the inaugural CyberNext Brussels conference taking place March 21 at the Stanhope Hotel Brussels.

EU’s Digital Markets Act Puts the Security Onus on Mobile Users

In our latest paper, we discuss the impact of the EU’s mobile app store provisions of the Digital Markets Act, which requires mobile operating systems open up more options for users to install apps, potentially also adding security threats.

Trusted App Stores: Protecting Security and Integrity

The mobile app store provisions of the DMA could undermine foundational security in the mobile phone ecosystem. The Center is concerned that a proliferation of ways to install apps will be overwhelming to users and open avenues for bad actors.

Hacking Policy Council Comments to New York State Department of Health on Proposed Hospital Cybersecurity Requirements

The Hacking Policy Council (“HPC”) submits the following comments in response to the New York Department of Health’s proposed addition to Section 405.46 to Title 10 NYCRR (“Hospital Cybersecurity Requirements).

Vulnerability Management Under The Cyber Resilience Act

Companies should begin preparing now for the EU’s Cyber Resilience Act, a significant development in product security regulation and will apply to software and connected device manufacturers in and outside EU borders.

Cybersecurity Predictions for 2024

The Center for Cybersecurity Policy & Law staff offer their predictions on what's to come in 2024 and the season finale of the Distilling Cyber Policy podcast offers some additional commentary on what's ahead.

Coalition Submits Comments to CISA on Software Attestation Form

The Cybersecurity Coalition submitted comments to CISA's second Request for Comment on its Secure Software Development Attestation Common Form.