Melissa Hathaway hasn't shied away from advising corporate boards and government leaders on cybersecurity policy since leaving the White House a decade ago. Currently a member of the Centre for International Governance Innovation's board of directors, Hathaway recently spoke about current digital risks at a CIGI conference last month. Hathaway also provides consulting services as president of Hathaway Global Strategies, and most recently, was tapped by data protection vendor Commvault to chair its newly formed Cyber Resilience Council. During a meeting in New York City, Hathaway shared her views on the latest global cybersecurity threats from China and Russia, and the impact of the war in Israel. Hathaway: Ransomware is on the rise, and it has become very sophisticated. Hathaway: Yes, but it doesn't have to be just that. Hathaway: The new White House strategy is focused a lot on making companies more responsible for not only their product and introducing secure development lifecycle, but also making them more responsible for their governance and enterprise risk management. I think that this administration is really focused on making corporates responsible. Hathaway: They're just taking a different approach. Hathaway: In 2010 I wrote that there was an important moment for the SEC, FCC, and FTC to own their authorities to get to resilience. I think that there's a challenge when you have all the regulators going in different directions. DR: With the current policies that are being laid out and proposed, to what effect do you think the outcome of the next presidential election could change those policies if there is a change in administrations? Hathaway: You have the new SEC Rule and it took almost 13 years to get that rule in place. Hathaway: They are a leading cyber power and probably have more manpower of meeting their overall national objectives than we do in the US or anywhere. Industrial espionage has been going on for more than a decade, and they're continuing to move that path forward. If you start to think about that [as] a transition in the financial services systems around the world, they've got an interbank digital currency exchange that's outside of the US dollar through the CBDCs. Hathaway: We have to look at Russia, China, Iran, [and] North Korea in different lenses. That requires us to think about things differently. We need to really be thinking about the next generation standards - we lost on 5G, are we going to lose on 6G too? And that requires us to really think about international standards differently. I think we also need to be thinking about what are some of the cases that we're going to have to be thinking about - when you move to 5G and you're moving to the cloud, and you've got autonomous everything, you're going to have edge compute - that's going to have a whole very different set of policies on that data movement, from my driverless car to your driverless car, and what's processing them at the edge, so neither of us will have a problem. We're not really addressing that security, the data security, data privacy, the data movement, and this edge processing that's going to go forward. That requires us to really think about a different architecture about resilience, safety, privacy, and security. That conversation I don't really think has started in our country, and we need to start it now. It's causing a lot of confusion, but there's a lot of experimentation happening from a lot of groups, not just Hamas or Hezbollah - there's a lot of experimentation happening with, I would say, the malicious activities' disinformation as well as malicious software. I think second, we're going to see a supply chain disruption of the Israeli IT and cyber industry that I don't think we've thought through what's going to happen. As you mobilize 300,000 reservists, some of which are in that industry, some of these industry providers are going to have a slowdown or a disruption. Israel is a leading innovator in some of these things; I think that there's going to be a supply chain disruption coming because they are a leader in IT. Third, I just worry about the overall stability of the region; we've got a lot of geopolitical instability [and] too much around the world right now. DR: Obviously, there are a lot of Israeli cybersecurity companies or even companies like Microsoft, Check Point, Google, and many others. Hathaway: Well, you have the tech innovation center at Beersheba, but then you have a very large IT tech cyber industry in Israel that serves and works and partners with all Silicon Valley, and Seattle, Boston, and such. I think that there's going to be a disruption that we need to anticipate because this war is not going to be done anytime soon.
This Cyber News was published on www.darkreading.com. Publication date: Thu, 30 Nov 2023 20:25:01 +0000