Cyber Governance Alliance and the Effort to Fight for CISO Liability Protections | A Conversation with Emily Coyle, Dr. Amit Elazari, and Andrew Goldstein | Redefining CyberSecurity Podcast with Sean Martin

ITSPmagazine Podcast Network

Content provided by ITSPmagazine, Sean Martin, and Marco Ciappelli. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by ITSPmagazine, Sean Martin, and Marco Ciappelli or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

2M ago 49:55

MP3•Episode home

Emily Coyle, President & Founding Partner, Cyber Governance Alliance

On LinkedIn | https://www.linkedin.com/in/emily-elaine-coyle-a8243328/

Dr. Amit Elazari, Co-Founder & CEO, OpenPolicy

On LinkedIn | https://www.linkedin.com/in/amit-elazari-bar-on/

On X | https://www.twitter.com/AmitElazari

Andrew Goldstein, Chair of Global White Collar Defense and Investigations Practice, Cooley LLP [@CooleyLLP]

On LinkedIn | https://www.linkedin.com/in/andrew-d-goldstein/

____________________________

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

View This Show's Sponsors

___________________________

Episode Notes

In the episode of Redefining CyberSecurity Podcast, host Sean Martin discusses the issues surrounding the SEC's precedent-setting decision to charge the CISO of SolarWinds, Tim Brown, in the aftermath of the Sunburst cyberattack. Joining Sean are Emily Coyle, the founder of Cyber Governance Alliance, Andrew Goldstein from law firm Cooley and Amit Elazari from OpenPolicy.

Emily elucidates on the work of the Cyber Governance Alliance, aiming to lobby for methodology change by bringing the best practices of cybersecurity into the legal framework. The Alliance is seeking to provide cyber security professionals with the protections they need to carry out their role, including limitations on liability and protection against the chilling effect of litigation.

Andrew speaks to the potential impacts their arguments could have on the wider cyber security field. A pressing concern he highlights is the effect of the SEC's decision on aspiring cyber security professionals and their willingness to engage in the field, potentially exacerbating an already vulnerable shortage of professionals.

Amit points out the contradictions between best practice standards for cybersecurity, enshrined in legislation, and the SEC’s decision. She puts a call to action to the cyber community to collectively support the renewal of the amicus, around furthering discussions with policy makers to create a balanced decision.

The group concludes that the lawsuit sets a challenging precedence for cybersecurity professionals. They argue that aligning legal and policy frameworks with cybersecurity practices should be a priority. They also encourage the community to engage the policymakers in discussion, starting with commenting on and signing the next amicus brief being drafted. Collectively they emphasize the urgency and importance of the cybersecurity community's involvement in shaping the future of cybersecurity policy and governance before it's set in stone.

Key Questions Addressed

What has been the impact, thus far, of the SEC's decision to charge the CISO of SolarWinds, Tim Brown, after the Sunburst cyberattack?
How can conflicting policies potentially impact the sustainability of effective cybersecurity practices and what is the call to action for the cybersecurity community?
How is the Cyber Governance Alliance challenging the current cybersecurity legal framework and what protections are they seeking for cybersecurity professionals?

Top Insights from the Conversation

The SEC's decision to charge the CISO of SolarWinds has far-reaching implications for the cybersecurity community and can deter aspiring professionals for a long time to come.
Through the Cyber Governance Alliance, there's an ongoing effort to integrate the best practices of cybersecurity into the legal framework and provide basic liability protections for cybersecurity professionals.
Despite the contradictions in cybersecurity policies, there's an urgent call for the cybersecurity community to unify and shape the future of cybersecurity policies and governance.

___________________________

Watch this and other videos on ITSPmagazine's YouTube Channel

Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel:

📺 https://www.youtube.com/@itspmagazine

Be sure to share and subscribe!

___________________________

Resources

The amended amicus is due March 29th. Cooley will be hosting a webinar with Latham & Watkins (SolarWinds & Tim Brown outside counsel) to discuss:

Date: Monday, March 11th
Time: 4:00 - 4:30 EST
Zoom Link: https://cooley.zoom.us/j/99323354217

To learn more about signing on to the updated amicus, contact Open Policy ( info@openpolicygroup.com ) or the team at Cooley via https://forms.office.com/Pages/ResponsePage.aspx?id=vqaHcH1e6Eme5Tx__T8eZbG7QNlB75pMoakNn09c-C5UMDBDNUVRVU8yUzFKV09HNjk5MTc0V0taSS4u.

To learn more about Cyber Governance Alliance and their efforts to fight for cyber professionals in Washington, contact the team at ( info@cybergovernancealliance.org) or check out https://cybergovernancealliance.org/

___________________________

To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:

https://www.itspmagazine.com/redefining-cybersecurity-podcast

Are you interested in sponsoring this show with an ad placement in the podcast?

Learn More 👉 https://itspm.ag/podadplc

614 episodes