Inside Cybersecurity

September 19, 2021

Daily News

ISA’s Clinton: ‘Huge mistake’ to expand use of ‘backward-looking,’ ineffective cyber reg model

By Charlie Mitchell / February 5, 2021

Cyber regulation has generally created a “backward-looking” compliance approach to cybersecurity that is antithetical to actually improving security, according to the Internet Security Alliance’s Larry Clinton, who says effective risk-management alternatives are available.

“To begin with, traditional compliance is essentially a backward-looking pass-fail issue,” Clinton wrote in a Thursday blog post. “Cybersecurity, on the other hand, is a forward-looking risk management issue. In a compliance model you typically have to check off boxes indicating what you have done. You...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.