spotlight

Press Release – March 7, 2024 SRI chosen to deliver cyber-psychology-informed network defense technology for IARPA  The innovative program will be centered around the psychology of cyber attackers.   [March 7, 2024]: Menlo Park, CA – SRI announced today that it has been selected by Intelligence Advanced Research Projects Activity (IARPA) to deliver advanced technology for its recently announced Reimagining […]

April 18, 2024 It is evident over the last few years that central national governments are applying tighter controls on the security of software and hardware products – from labels for IoT devices in the US and abroad, to controls over AI research and bans on high risk AI models, to more timely reporting requirements on vulnerabilities, ransomware, […]

April 2, 2024 Software Bill of Materials (SBOMs) have been a hot ticket even before they were listed as a key initiative for secure software development practices in the National Cybersecurity Strategy of 2023. I started to track SBOMs progress when I heard a presentation by Alan Friedman, one of the early evangelists who was […]

February 29, 2024 One cybersecurity area that I tend to spotlight involves vulnerability management programs.  From vulnerability discovery, disclosure, sharing, prioritization, and remediation, there are many different types of tools, processes, and programs that can be employed to manage this problem. One unique vulnerability management program that has evolved significantly over the years is bug […]

Artificial Intelligence / Machine Learning (AI/ML) are hot topics these days when it comes to politics, technology, and personal living. There is much discussion around the ethics, the threats, and the benefits of AI/ML in each of these circles. It comprises the newest arms race with our adversaries, and just about every industry is putting […]

I was delighted to see the recent appointment of Kelly Schulz as CEO for the Maryland Tech Council. Ms. Schulz has played a prominent role in Maryland politics for many years, most recently as a candidate for Governor. Prior to her run for Governor, she led workforce and innovation initiatives as a cabinet member at […]

For several years I have been honored to be a guest at the annual Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective organized at the University of Maryland by Larry Gordon, EY Alumni Professor of Managerial Accounting and Information Assurance; Martin Loeb, professor of accounting and information assurance and a Deloitte & […]