In this podcast, former cybersecurity director Melissa Hathaway talks about emerging cybersecurity threats, reforms to FISMA compliance and corporate cyberespionage. Hathaway is a senior adviser at Harvard Kennedy School of Government’s Belfer Center for Science and International Affairs.
- How could the potential FISMA compliance reforms — so-called “FISMA 2” — affect the quality of cybersecurity readiness in U.S. government agencies and contractors? Does FISMA compliance need reform?
- Other elements of legislation would introduce certification for IT security professionals. Is that a positive outcome, if it happens? Why or why not?
- The U.S. House passed a national data breach notification bill before the holiday break. If it passes the Senate, there will be a national standard. What do you think of the prospect? Is such a breach notification bill needed to supplement HHS and FTC data breach regulations?
- One critical area in cybersecurity lies in the many data breaches of corporate intellectual property. How does that unfortunate trend relate to compliance? Will a federal data breach notification law help to at least expose the scope of the issue?
- There’s considerable concern in the defense community about electronic espionage. How can those entrusted with maintaining cybersecurity balance privacy issues, civil rights and the need to protect or defend critical infrastructure? What does privacy mean in the context of cyberwar?