The National Technology Security Coalition (NTSC) began hosting its annual event five years ago in an effort to provide the CISO community with the opportunity to discuss timely national cyber security legislative and policy issues. Attendees to the 2022 NTSC National Security Conference represented both public and private interests.
About the NTSC: This coalition of senior technology security executives functions as the CISO advocacy voice in Washington, D.C. The group is prolific whenever national security deliberations that drive legislative and policy agendas take place.
The most recent conference featured a prestigious roster of speakers, including National Cyber Director and former NSA deputy director Chris Inglis; the executive director of the Cyberspace Solarium Commission, Retired Rear Admiral Mark Montgomery; the former principal deputy director of National Intelligence, Susan Gordon; and U.S. Congressman John Katko.
The speakers discussed a wide range of current issues, from the cybersecurity implications of the war in Ukraine to the most recent developments in national cyber defense strategy. Here are some of the most prominent highlights.
- The American Data Privacy and Protection Act: The House Energy and Commerce Committee introduced the American Data Privacy and Protection Act (ADPPA) in June. This first-of-its-kind bipartisan legislation would provide all Americans an equal level of privacy protection. The committee passed the comprehensive legislation in July, creating wide-reaching implications for all American companies, but especially those in the technology sector.
- Workforce development: Developing a holistic strategy for workforce development is consistently a topic of discussion around both government and private sector tables. Admiral Montgomery recently co-authored a report titled “CSC 2.0: Workforce Development Agenda for the National Cyber Director,” which provides an overarching analysis of the cyber skills gap within the federal government, along with recommendations for the government, Congress, and the private sector. The cybersecurity industry will face a flood of retirees in the next ten years—and there aren’t enough new professionals coming out of the universities to replace them and meet the ever-increasing need for knowledge and talent in this area.
- The SEC’s cyber risk reporting rule: The U.S. Securities and Exchange Commission (SEC) recently released preliminary guidance on its proposed rule requiring additional transparency and resilience against corporate cyberattacks on publicly traded companies. If the SEC finalizes the rule in April 2023, as is expected, businesses would be required to publicly disclose cybersecurity details of their company, including relevant experts on their board of directors and details on any “material” cyber incidents, including ransomware attacks and data breaches.It is increasingly common for CISOs to support having a cybersecurity expert on the board, a connection that facilitates board understanding of how cyber risk and business risk are interrelated. The digital ecosystem is complex, and having cybersecurity experts on the board of directors can assist with aligning the board’s priorities with those of the CISO more successfully.
A recent survey revealed some eye-opening facts:
- 49% of CISOs say expectations of their role are excessive
- 51% assert that their reporting line reduces their effectiveness
- Only half (51%) of CISOs feel the board understands the cybersecurity issues of the company
CISOs will necessarily evolve as workforce shortages, and a changing regulatory landscape becomes a reality, as noted above. Staying diligent and aware of the growing threats and the overarching developing cyber landscape is essential for any organization looking to remain competitive and keep their critical data safe.
Alliance IT is a managed services company based in Sarasota, Florida. We offer cloud services, cyber and technology security consulting and protection, and infrastructure support, among a comprehensive menu of IT services. Call today to learn more about how we can help you.