Why our Cybersecurity Policies Are Failing Us


There are many cybersecurity policies and regulations in place, yet we continue to be faced with breaches on an ongoing basis. Existing policies are vague; they don’t consider the way fraudsters behave, and they focus primarily on prevention as opposed to real-time response. Today’s cybercriminals know how to bypass our prevention solutions. We know this because today’s fraud comes from sessions that are taken over post-login. Technologies such as behavioral biometrics continuously authenticate WHO is behind a session and not just WHAT device or passcode was used to log in. Our policies need to adapt to the current fraud landscape.

Read the whole commentary as featured on The Hill here.

Federal Gov cyber policies have the fatal flaw of outlining recommended and/or accepted cyber technologies/procedures. These policies are obsolete before they are 'published'. IMO: DC wonks want to find the holy grail of cyber security. DC needs an overarching policy/guidance that works for years and allows US Industry to develop technologies to counter cyber attacks. Hint: US has a legal Castle Doctrine that allows self-protection from attack at home or work. Techniques - club, gun, dogs - are not specified. To repeat myself - how about a Cyber Castle Doctrine? Provide federal legal coverage for cyber protection; let US IT industry develop and rapidly modify cyber "active defense" (per George Washington University report: "Into the Gray Zone: The Private Sector and Active Defense against Cyber Threats").


More articles by Frances Zelazny
