research & standards

May 9, 2025 Early in 2024 I met Ms. Vergara-Cobos at a conference where we shared some information about our recent respective work activities. She disclosed to me about her work leading a research study at the World Bank that focused on how cybersecurity impacts the growth of developing countries. This struck me as a […]

August 21, 2024 CISA has been working hard over the last 6 years to turn the tide on the never-ending stream of zero days and vulnerable systems that continue to plague our everyday lives. In 2018, it formed the ICT SCRM Task Force—a public-private partnership charged with identifying challenges and developing actionable solutions to enhance […]

Press Release – March 7, 2024 SRI chosen to deliver cyber-psychology-informed network defense technology for IARPA  The innovative program will be centered around the psychology of cyber attackers.   [March 7, 2024]: Menlo Park, CA – SRI announced today that it has been selected by Intelligence Advanced Research Projects Activity (IARPA) to deliver advanced technology for its recently announced Reimagining […]

April 18, 2024 It is evident over the last few years that central national governments are applying tighter controls on the security of software and hardware products – from labels for IoT devices in the US and abroad, to controls over AI research and bans on high risk AI models, to more timely reporting requirements on vulnerabilities, ransomware, […]

For several years I have been honored to be a guest at the annual Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective organized at the University of Maryland by Larry Gordon, EY Alumni Professor of Managerial Accounting and Information Assurance; Martin Loeb, professor of accounting and information assurance and a Deloitte & […]

People make decisions every day that involve risk and uncertainty. Generally, we reconcile a variety of decision models using risk criteria often provided by organizational policies and/or guided by a variety of personal belief and trust systems. Many times we are forced to address ambiguous situations in uncertain ways, using uncertain terms and with uncertainty […]

Current Security Trends Reveal Difficulties in Assuring Authenticity Recently I was thinking about some of the major security challenges and problems of 2020 and going forward into 2021 like the ongoing SolarWinds supply chain mitigation issues; election fraud; the problems around disinformation and deepfakes; false flags in cyberattacks and the difficulties in making accurate attribution; […]