DFARS Compliance is Sticky Business In a post about use of the carrot or the stick (rewards versus threat of a smack) as persuasion tools for behavior change, I noted that compliance regimens always use the stick. DFARS, in particular, is a good example of DoD making use of the big stick to force changes in behavior.
Wait! What! There's no spell for that? There's talk of cyber security action strategies within the first 100 days of the new U.S. government administration. Awareness of what defenders are facing may help one sort out which might be useful, and which are wishful thinking. When it comes to the defense of systems and the
With the escalating threat environment, how do corporations and smaller countries defend against foreign nation states who may be super powers with many offensive weapons? For that matter, how does a super power like the U.S. defend, when they are so vulnerable and defenses are so porous? No one's doing a great job but