ISA's Clinton calls for procurement-based incentives, critiques Pentagon certification plans

A key private-sector leader is criticizing an initiative aimed at securing the Defense Industrial Base as “over-regulation” while advocating incentives, over liability, for filling gaps between private and public assessments of cybersecurity risks.

“The regulation is actually not improving our security, in fact it is anti-security because it is driving away some of our better suppliers who can do their business elsewhere,” said Larry Clinton, president and CEO of the Internet Security Alliance, referring to the Defense Department’s Cybersecurity Maturity...