How ‘Radical Transparency’ Can Bolster Cybersecurity
Ex-DHS Official Suzanne Spaulding and Jim Richberg of Fortinet on Critical Concepts
The concept of “responsible radical transparency” plays a critical role in efforts to improve the state of cybersecurity, said Suzanne Spaulding, former undersecretary, Department of Homeland Security, and Jim Richberg, head of global policy and field CISO at security firm Fortinet.
“The shelf life of secrets is vanishingly short,” Spaulding said. “There are tremendous costs in trying to keep information secret, and there are also opportunity costs, as we saw in 9/11 where we failed to share information,” she said.
A transparent world is coming full steam ahead, she added. “If you train to fight in the dark, you could meet your enemy in the dark, turn off the light, and you’d have the advantage. But we need to train to fight in the light. Whoever can learn to operate in a transparent world with fewer secrets is going to have the advantage,” she said.
Richberg pointed out that defenders need good metrics. “We are really too often guessing at something or throwing darts at a dart board,” he said.
In this video interview with Information Security Media Group at RSA Conference 2024, Richberg and Spaulding also discussed:
- How U.S. government agencies such as CISA have begun to embrace “responsible radical transparency” in their various programs;
- The significance of technology vendors taking CISA’s seven-point voluntary “secure by design” pledge, which embraces responsible radical transparency;
- Why a “transparent world is coming.”
Richberg has more than 30 years of experience driving innovation in cyber intelligence, policy and strategy for the U.S. government and international partners. He served as National Intelligence Manager for Cyber and as the senior Federal Executive focused on cyber intelligence within the more than $80 billion U.S. Intelligence Community annual operating budget. He was the senior adviser to the Director of National Intelligence on cyber issues and set collection and analytic priorities for the IC’s 17 departments and agencies on cyberthreats.
Spaulding serves as a member of the Cyberspace Solarium Commission and is also senior adviser for homeland security and director of the Defending Democratic Institutions project at the Center for Strategic and International Studies. Previously, she served as undersecretary for the Department of Homeland Security, where she led the National Protection and Programs Directorate, which has transitioned to become the Cybersecurity and Infrastructure Security Agency. She has worked in the executive branch in Republican and Democratic administrations and on both sides of the aisle in Congress. She was general counsel for the Senate Select Committee on Intelligence and minority staff director for the House of Representatives Permanent Select Committee on Intelligence.