Start Here: Cyber Fundamentals for Public Policy Makers
Wiley is launching a podcast in partnership with American University’s Khan Cyber and Economic Security Institute and global cybersecurity company CrowdStrike. This comprehensive series explores the fundamentals of cybersecurity public policy to help cybersecurity professionals, government officials, and students stay up to date on the latest regulatory and legislative issues.
The “START HERE” podcast is led by Sasha O’Connell, Executive in Residence at American University’s School of Public Affairs and Director of the Curriculum and Programming for the Khan Institute; Drew Bagley, CrowdStrike’s VP & Counsel for Privacy and Cyber Policy; and Megan Brown, Co-Chair of Wiley’s Privacy, Cyber & Data Governance Practice. Together, they explore topics such as incident response and ransomware in a series designed to assist current and future public policy leaders with cybersecurity responsibilities. We hope you’ll enjoy this podcast!
Episode 1: Cyber Fundamentals for Public Policymakers
Welcome to "START HERE" the educational resource for current and future policymakers seeking to delve into the world of cyber public policy. In this evergreen series, we bring you the foundational knowledge you need to navigate the complex realm of cybersecurity public policy with confidence. Join the team of: Drew Bagley, Megan Brown, and Sasha O’Connell as they uncover the essential principles and insights that shape cyber public policy today.
Episode 2: Cyber Incident Reporting (Part One)
In the second episode of “START HERE”, Sasha O’Connell, Drew Bagley, and Megan Brown discuss cyber incident reporting. With new incident reporting mandates being considered at the state and federal level, this issue needs thoughtful consideration. Incident reporting is a big topic so we cover it in two episodes. In this first one, Sasha, Drew and Megan discuss fundamental issues about whether incident reporting should be required at all, from the perspective of victims of cyber attacks, incident responders, and government.
Episode 3: Cyber Incident Reporting (Part Two)
In the third episode of “START HERE”, Sasha O’Connell, Drew Bagley, and Megan Brown continue the discussion of cyber incident reporting, digging deeper to discuss the main aspects of proposed mandates and new government approaches. This episode addresses the state data breach reporting landscape and new laws like the Cybersecurity Incident Reporting for Critical Infrastructure Act and news rules at the Securities and Exchange Commission. Sasha, Drew and Megan discuss hard operational questions, including whether reporting should be public or confidential, timelines for reporting (and tradeoffs of speed versus accuracy), and how reporting mandates can put victims at further risk.
Episode 4: Ransomware (Part One)
In the fourth episode of "START HERE," Sasha O’Connell, Drew Bagley, and Megan Brown delve into the world of ransomware and extortion schemes. This episode addresses the evolution of ransomware and the approaches that organizations often take in response to such threats. Sasha, Drew, and Megan discuss how ransomware affects operational technology and the Colonial Pipeline ransomware attack of 2021.
Episode 5: Ransomware (Part Two)
Join Sasha O’Connell, Drew Bagley, and Megan Brown as they embark on a journey to demystify cyber policy, addressing the vital gap in understanding and communication that hinders effective policy development. Through engaging discussion and expert insights, this episode serves as your gateway into the intricacies of cybersecurity public policy, specifically focusing on ransomware and policy approaches.
Understanding the Ransomware Economy: Delve deeper into the complexity of the ransomware economy, exploring its various facets and implications for policy development.
Regulating Ransomware Attacks: Explore policy approaches to regulating and mitigating ransomware attacks, considering the multifaceted interests that must be balanced by policymakers.
Challenges and Considerations: Examine the challenges inherent in crafting effective ransomware policies, including the need to address divergent interests and perspectives.
Solutions and Strategies: Gain insights into identifying real problems posed by ransomware and formulating practical policy solutions to combat this evolving threat.
A Holistic Perspective: Benefit from a unique perspective that integrates academia, private sector expertise, and real-world policy application to offer a well-rounded view of ransomware policy.
Episode 6: Data Flows
On this episode of START HERE, join Sasha O’Connell, Drew Bagley, and Megan Brown as they embark on a journey to unravel the complexities of cross-border data flows and their impact on global cyber policy. In this enlightening episode, they delve into the benefits of data flows and internet connectivity, highlighting their crucial role in driving innovation, economic growth, and international collaboration.
Through engaging discussions and expert insights, this episode serves as your gateway into understanding the necessity of a global workforce for data flows, and exploring how diverse talent pools contribute to the development and regulation of data policies across borders.
Moreover, the team navigates through the intricate politics surrounding data flows, shedding light on the challenges policymakers face in balancing security, privacy, and economic interests on a global scale.
Here's what you'll discover in this episode:
The Power of Data Flows: Explore the transformative potential of cross-border data flows and internet connectivity, uncovering how they foster innovation, economic development, and interconnectedness in the digital age.
Global Workforce Dynamics: Gain insights into the essential role of a global workforce in managing and regulating data flows, understanding how diverse perspectives and expertise contribute to shaping effective cyber policies.
Navigating Political Landscapes: Examine the intricate politics of data flows, from regulatory frameworks to international negotiations, and the challenges policymakers encounter in navigating divergent interests and agendas.
Episode 7: Digital Identity
On this episode of START HERE, join Sasha O'Connell, Drew Bagley, and Megan Brown as they unravel the complexities of digital identity and its implications for cybersecurity. Delve into the definition of digital identity, the critical role of authorization, and the emerging technologies shaping authorization processes.
Through insightful discussions and expert analysis, this episode explores the challenges faced by key players in digital identity and authentication, and the workstreams and policies aimed at addressing these challenges.
Here's what you'll uncover in this episode:
Defining Digital Identity: Understand the concept of digital identity and its significance in the digital age, exploring its implications for cybersecurity and beyond.
Authorization Dynamics: Examine the role of authorization in digital identity, and how credentials, tokens, and other technologies are shaping authorization processes.
Challenges and Solutions: Explore the key challenges faced by stakeholders in digital identity and authentication and the various workstreams and policies aimed at solving these challenges.
Don't miss this enlightening exploration of digital identity and its impact on cybersecurity. Subscribe now to stay informed and engaged with the latest insights and discussions!
Episode 8: Key Players in the U.S. Cyber Policy: The White House
On this episode of START HERE, join Sasha O'Connell, Drew Bagley, and Megan Brown as they navigate the intricate landscape of U.S. government cyber policy. This comprehensive exploration delves into the roles and responsibilities of the key players shaping the nation's cyber defenses and their interactions with the private sector, academia, and civil society.
Here's what you'll uncover in this episode:
Roles in Cyber Policy: Learn about the specific roles of key government players in cyber policy, including their responsibilities and strategic significance.
Internal Structures: Unpack the internal structure of these agencies, exploring how their organization supports their mission in cybersecurity.
Tools and Authorities: Discover the tools and legislative authorities these players wield, which empower them to act effectively within the policy space.
Policy Playgrounds: Identify where these key players operate within the cyber policy space and the arenas they influence most significantly.
Trends and Priorities: Investigate recent trends affecting these players, focusing on shifts in priorities in response to evolving cyber threats.
Stakeholder Interactions: Examine how these government players engage with stakeholders from the private sector, academia, and civil society, ensuring comprehensive and inclusive cyber policy formulation.
Episode 9: Key Players in U.S. Cyber Policy: Internet Governance
On this episode of START HERE, join Sasha O'Connell, Drew Bagley, and Megan Brown as they navigate the intricate landscape of U.S. government cyber policy. This comprehensive exploration delves into the roles and responsibilities of the key players shaping the nation's cyber defenses and their interactions with the private sector, academia, and civil society. In this episode, we focus on the global standards bodies called Internet Governance.
Here's what you'll uncover in this episode:
Roles in Cyber Policy: Learn about the specific roles of key government players in cyber policy, including their responsibilities and strategic significance.
Internal Structures: Unpack the internal structure of these agencies, exploring how their organization supports their mission in cybersecurity.
Policy Playgrounds: Identify where these key players operate within the cyber policy space and the arenas they influence most significantly.
Challenges of Internet Governance: We'll address the complexity of these topics and how challenging it can be to frame them up. We'll also share visual aids on our website to help you picture these concepts better.
Don't miss this detailed breakdown of U.S. government cyber policy dynamics and the global standards bodies that underpin the internet. Subscribe now to stay informed and engaged with the latest insights and discussions!
Episode 10: Key Players in U.S. Cyber Policy: The Executive Branch
On this episode of START HERE, join Sasha O'Connell, Drew Bagley, and Megan Brown as they navigate the crucial role of the Executive Branch in shaping U.S. cyber policy. This episode highlights how federal agencies like the Cybersecurity and Infrastructure Security Agency (CISA) operate at the forefront of national cybersecurity efforts, coordinating responses, and setting policies.
Here's what you'll uncover in this episode:
Roles in Cyber Policy: Discover the critical roles played by the Executive Branch and agencies like CISA in formulating and enforcing U.S. cyber policy.
Federal Coordination: Understand how federal cyber agencies provide guidance and directives to secure their systems in response to cyber threats.
Binding Operational Directives: Dive into the significance of binding operational directives issued by cyber agencies to implement specific cybersecurity measures to protect their systems.
Partnerships and Activities: Explore the collaborative efforts of various regulatory agencies, driving extensive cybersecurity activities and initiatives across the federal landscape.
Don't miss this detailed breakdown of how the Executive Branch and CISA are key players in U.S. cyber policy, working tirelessly to safeguard the nation's digital infrastructure. Subscribe now to stay informed and engaged with the latest insights and discussions!
Episode 11: Key Players in U.S. Cyber Policy: Congress
On this episode of START HERE, join Sasha O'Connell, Drew Bagley, and Megan Brown as they navigate the crucial role of Congress in shaping U.S. cyber policy. This episode highlights how Congressional committees and lawmakers operate at the forefront of national cybersecurity efforts, coordinating responses, and setting policies.
Here's what you'll uncover in this episode:
Roles in Cyber Policy: Discover the critical roles played by Congress in formulating and enforcing U.S. cyber policy.
Congressional Structure: Learn about the structure of key Congressional committees, such as the House Committee on Homeland Security and the Senate Committee on Commerce, Science, and Transportation, and their impact on cybersecurity legislation.
Legislative Tools and Authorities: Understand the tools and authorities Congress utilizes to influence cyber policy, including drafting legislation, oversight functions, and budgetary control.
Policy Influence: Explore where Congress tends to play in the policy space, from creating comprehensive cybersecurity strategies to addressing emerging threats through new laws.
Recent Trends: Dive into recent trends in Congressional action on cybersecurity, such as initiatives to protect critical infrastructure, enhance public-private partnerships, and respond to increasing cyber threats.
Stakeholder Engagement: Learn how stakeholders from the private sector, academia, civil society, and beyond can engage with Congress to have their voices heard and influence cyber policy decisions.
Don't miss this detailed breakdown of how Congress is a key player in U.S. cyber policy, working tirelessly to safeguard the nation's digital infrastructure. Subscribe now to stay informed and engaged with the latest insights and discussions!
Episode 12: Key Players in U.S. Cyber Policy: The States
On this episode of START HERE, join Sasha O'Connell, Drew Bagley, and Megan Brown as they navigate the crucial role of states in shaping U.S. cyber policy. This episode highlights how state governments operate at the forefront of national cybersecurity efforts, coordinating responses, and setting policies.
Here's what you'll uncover in this episode:
Roles in Cyber Policy: Discover the critical roles played by states in formulating and enforcing U.S. cyber policy.
State Structure: Learn about the structure of key state agencies and offices responsible for cybersecurity, such as state Departments of Information Technology and Offices of Homeland Security, and their impact on cybersecurity efforts.
Tools and Authorities: Understand the tools and authorities states utilize to influence cyber policy, including state-level legislation, regulatory measures, and emergency response capabilities.
Policy Influence: Explore where states tend to play in the policy space, from protecting state infrastructure and data to collaborating with federal agencies and other states on broader cybersecurity initiatives.
Recent Trends: Dive into recent trends in state action on cybersecurity, such as efforts to secure election systems, enhance public-private partnerships, and develop workforce training programs to address the growing demand for cybersecurity professionals.
Stakeholder Engagement: Learn how stakeholders from the private sector, academia, civil society, and beyond can engage with state governments to have their voices heard and influence cyber policy decisions.
Don't miss this detailed breakdown of how states are key players in U.S. cyber policy, working tirelessly to safeguard the nation's digital infrastructure. Subscribe now to stay informed and engaged with the latest insights and discussions!