Fixing American Cybersecurity

cover art
 
272 pp., 6 x 9
Hardcover
ISBN: 9781647121495 ()

eBook
ISBN: 9781647121518

E-Inspection
Request E-Inspection


February 2023

EXPLORE THIS TITLE

Description
Table of Contents
Reviews
Contributors


Fixing American Cybersecurity
Creating a Strategic Public-Private Partnership
Larry Clinton, Editor
Foreword by Kiersten Todt
Advocates a cybersecurity "social contract" between government and business in seven key economic sectors

Cybersecurity vulnerabilities in the United States are extensive, affecting everything from national security and democratic elections to critical infrastructure and economy. In the past decade, the number of cyberattacks against American targets has increased exponentially, and their impact has been more costly than ever before. A successful cyber-defense can only be mounted with the cooperation of both the government and the private sector, and only when individual corporate leaders integrate cybersecurity strategy throughout their organizations.

A collaborative effort of the Board of Directors of the Internet Security Alliance, Fixing American Cybersecurity is divided into two parts. Part One analyzes why the US approach to cybersecurity has been inadequate and ineffective for decades and shows how it must be transformed to counter the heightened systemic risks that the nation faces today. Part Two explains in detail the cybersecurity strategies that should be pursued by each major sector of the American economy: health, defense, financial services, utilities and energy, retail, telecommunications, information technology.

Fixing American Cybersecurity will benefit industry leaders, policymakers, and business students. This book is essential reading to prepare for the future of American cybersecurity.
Larry Clinton is the president and CEO of the Internet Security Alliance, a multi-sector trade association that focuses on thought leadership, policy advocacy and developing best practices for cyber security. The National Association of Corporate Directors has twice named Clinton as one of the 100 most influential people in the field of corporate governance. Clinton is the author of numerous publications in the cybersecurity space.
Reviews
"In this thoughtful work, an interdisciplinary team led by Larry Clinton provides their expertise across a broad range of critical infrastructure sectors to propose a new course for public and private sector partnership to better secure our critical infrastructure from cyber incidents."—Brigadier General (Ret.) Gregory Touhill, director of the CERT Software Engineering Institute at Carnegie Mellon University, former chief information security officer for the US government, and former deputy assistant secretary for cybersecurity and communications at the Department of Homeland Security, 2014-2016



"A must read for policy makers, operators, thought leaders and business leaders. Incremental change within the cybersecurity ecosystem has been mostly ineffective. The authors clearly articulate both the need for a new strategic approach as well as a roadmap ..."—Rear Adm. (Ret.) Mike Brown, president of Spinniker Security LLC, and former deputy assistant secretary of cybersecurity and communications, US Department of Homeland Security, 2008-10



"Over the last decade, corporate boards have increasingly understood [cybersecurity] as a strategic issue blending technology & economics into the organizational mission…. Fixing Cybersecurity translates many of the lessons learned for use in government."—Erin Essenmacher, former president and CSO of the National Association of Corporate Directors



"Anyone interested in creating effective cybersecurity policy should pay attention to this book. Fixing Cybersecurity provides a wide range of policy proposals for improving our cybersecurity [and] convincingly argues for alternatives that go beyond the purely technical."—Michael Daniel, President and CEO of Cyber threat Alliance, and former cybersecurity coordinator, Executive Office of the President



"If your goal is to gain real insights from well-known experts such as Larry Clinton into some of America's most serious looming cybersecurity challenges, then this new book is a must read."—Dr. Edward Amoroso, Member NSA Advisory Board, Chief Executive Officer, TAG Cyber



Research Professor, NYU



"A must read for policy makers, operators, thought leaders and business leaders. Incremental change within the cybersecurity ecosystem has been mostly ineffective. The authors clearly articulate both the need for a new strategic approach and a roadmap."—Rear Adm. (Ret.) Mike Brown, President of Spinnaker Security LLC, and former deputy assistant secretary of cybersecurity and communications, US Department of Homeland Security, 2008-10



"Anyone interested in creating effective cybersecurity policy should pay attention to this book.Fixing American Cybersecurity provides a wide range of policy proposals for improving our cybersecurity and convincingly argues for alternatives that go beyond the purely technical."—Michael Daniel, President and CEO, Cyber Threat Alliance, and former cybersecurity coordinator, Executive Office of the President



"In this thoughtful work, an interdisciplinary team led by Larry Clinton provides expertise across a broad range of critical infrastructure sectors to propose a new course for public and private sector partnership to better secure our critical infrastructure from cyber incidents."—Brigadier General (Ret.) Gregory Touhill, irector of the CERT Software Engineering Institute at Carnegie Mellon University, former chief information security officer for the US government, and former deputy assistant secretary for cybersecurity and communications at the Department of Homeland Security, 2014-16



"Over the last decade, corporate boards have increasingly understood cybersecurity as a strategic issue blending technology and economics into the organizational mission. Fixing American Cybersecurity translates many of the lessons learned for use in government."—Erin Essenmacher, Former president and CSO, the National Association of Corporate Directors

Table of Contents
Foreword by Kiersten Todt

Introduction


PART ONE: Rethinking Cybersecurity

1 The Economics of Cybersecurity: Advantage Attackers
By Larry Clinton

2 Dangerous and Effective: China's Digital Strategy
By Larry Clinton and Carter (Yingzhou) Zheng

3 The Solar Winds of Change: The Threat of Systemic Cyber Risk
By Anthony Shapella

4 Outdated and Ineffective: Why Our Current Cybersecurity Programs Fail to Keep Us Safe
By Larry Clinton and Alexander T. Green

5 Reinventing Cybersecurity: A Strategic Partnership Approach
By Larry Clinton and Alexander T. Green

6 The Cybersecurity Policy We Need: Incentivize, Modernize, Economize
By Larry Clinton

PART TWO: Sectors of Cybersecurity

7 Health: Cybersecurity as a Core Element of Patient Care
By Lou DeSorbo and Jamison Gardner

8 Defense: Leveraging the Dual Economies of the Defense Industrial Base
By Jeffrey C. Brown, J. R. Williamson, Michael Gordon, Michael Higgins, and Josh Higgins

9 Financial Services: Regulation Isn't Enough
By Greg Montana, Gary McAlum, Kenneth Huh, and Tarun Krishnakumar

10 Energy: Protecting the Smart Grid
By Ryan Boulais and Jamison Gardner

11 Retail: Serving Consumers and Keeping Them Secure
By Andy Kirkland and Alexander T. Green

12 Telecommunications: Managing International Risk in a Post-COVID-19 World
By Richard Spearman

13 Information Technology: Defining How to Govern IT
By Larry Clinton, Carter (Yingzhou) Zheng), and Tarun Krishnakumar

Conclusion
By Larry Clinton

Notes
About the Contributors
Index

Contributors
Ryan Boulais, Jeffrey C. Brown, Lou DeSorbo, Jamison Gardner, Michael Gordon, Alex Green, Josh Higgins, Michael Higgins, Kenneth Huh, Andy Kirkland, Tarun Krishnakumar, Gary McAlum, Greg Montana, Anthony Shapella, Richard Spearman, J.R. Williamson, Carter Zheng