How in the World Do You Measure Cybersecurity, Anyway? with Michael Daniel

On this episode of the IoT: The Internet of Threats podcast, Michael Daniel, President and CEO of Cyber Threat Alliance, joins podcast host Eric Greenwald to discuss the shifting sands of the regulatory landscape in cybersecurity today and the growing prospect of government regulation affecting private-sector cybersecurity practices. 

Interview with Michael Daniel: 

Prior to his role as President and CEO of Cyber Threat Alliance, Michael served as the Cybersecurity Coordinator to President Obama’s National Security Council (NSC). His work at the NSC followed a 17-year tenure as a Program Examiner and later a Branch Chief for national security programs with the U.S. Government’s Office of Management and Budget.

The Cyber Threat Alliance is a non-profit organization that enables cybersecurity providers to share threat intelligence with each other and improve cybersecurity across the digital ecosystem.

In this interview, Eric and Michael discuss:

  • The government’s evolving role in cybersecurity regulation, from the Cybersecurity Maturity Model Certification (CMMC) to Executive Order 14028

  • How to measure the efficacy of cybersecurity products and practices and the pros and cons of first- and third-party certifications

  • The government's contribution to improving cybersecurity practices by encouraging the adoption and implementation of the Software Bill of Materials (SBOM)

  • How SBOMs help us see inside the software we use and address a key weakness in cybersecurity right now

Find Michael on LinkedIn: https://www.linkedin.com/in/j-michael-daniel-7b71a95/. Learn more about Cyber Threat Alliance by visiting CyberThreatAlliance.org.

Thank you for listening to this episode of the IoT: The Internet of Threats podcast, powered by Finite State — the leading supply chain cyber-security solution provider for connected devices and embedded systems.

If you enjoyed this episode, click subscribe to stay connected and leave a review to get the word out about the podcast.

To learn more about building a robust product security program, protecting your connected devices, and complying with emerging regulations and technical standards, visit https://finitestate.io/.
