Tomorrow, @megans.bsky.social joins the House Committee on Homeland Security for a hearing examining how cyber fraud & scams, nation-state targeting of critical infrastructure, and rapid advancements in AI-enabled cyber tools threaten our #cybersecurity.
homeland.house.gov/hearing/onli...
IST Exec in Residence @joshcorman.bsky.social joined the #ReimaginingCyber podcast to unpack the ever-evolving #cyber threat landscape, what it means that malicious state actors are turning towards critical infrastructure targets, and how the #UnDisruptable27 Initiative aims to help.
🛡️ Listen now:
IST's Jennifer Tang spoke with Inside AI Policy on #ProjectGlasswing, the role of the federal government & the 2025 AI Action Plan: “Anthropic …deserves credit. However, responsible self-governance by one company is not a governance framework.”
❇️ Read more: insideaipolicy.com/ai-daily-new...
The Justice Department notified Congress last week that hackers breached an unclassified surveillance management network used by the FBI. “The watchers have become the watched,” IST Chief Trust Officer and former senior FBI official Steve Kelly told @bloomberg.com.
🛡️ Read more:
🚀 On June 17 and 18, leading voices in ICS and cybersecurity will present to policymakers, think tanks, the media, and more at #CriticalEffectDC. This is your last chance to join them: submit your proposal to present before midnight on Saturday, 4/10 to be considered.
➡️ Apply now:
The Institute for Security and Technology is pleased to announce the inaugural cohort of the Andrew Carnegie AI-Nuclear Policy Accelerator, a program that will equip mid-career security practitioners with the tools to confront the intersection between AI and nuclear issues.
🎓 Learn more:
AI has “democracratized” cybercrime, according to a new analysis from GI-TOC. As bad actors increasingly rely on LLMs to carry out attacks, what happens if they lose control? The analysis cites the latest from IST’s #AIRiskReductionInitative to outline the risks of such a situation.
➡️ Read more:
🚀 In D.C. this June, leading voices in ICS & cybersecurity have the opportunity to engage with policymakers, think tanks, the media & more at #CriticalEffectDC. We're offering one more chance to join: the Call for Proposals is extended! Submit by Saturday, April 11 at 12 PM PT to be considered:
🚀 #CriticalEffectDC is set for June 17-18! This year, the conference is prioritizing innovative ideas to protect lifeline critical functions, especially for less resourced Target Rich, Cyber Poor institutions. Submit your proposal before midnight tomorrow, April 4, to be considered:
Every year, #RSAC transforms the SOMA neighborhood of San Francisco. But for returning attendees, this year felt a little different. In this edition of the TechnologIST, we sat down with IST's experts to get their post-conference takeaways.
🗞️ Read more: mailchi.mp/securityandt...
📤 Sharing information strategically can pay dividends.
🙋 Victim-centric approaches can engender better outcomes.
🤲Coordination can help mitigate transnational friction.
Today’s after action report summarizes the discussion held alongside on the margins of Singapore International Cyber Week and the Fifth CRI Summit, and presents 3 key takeaways:
While public-private partnerships are widely recognized as essential to countering #ransomware, both govs & private industry report the need for more collaboration. To close this gap, IST & partners convened a tabletop exercise to examine how partners coordinate during an incident.
🛡️ Read the AAR:
🚨NEW: 2025 Annual Report
What happens when the technologies that underpin our daily lives are not safe & secure? In 2025, IST faced complex national security challenges with concrete tools & actionable solutions.
➡️ Learn about our impact:
IST, in collaboration with a coalition of local and global partners, is excited to announce the launch of the México Ransomware Task Force to tackle the growing threat that ransomware poses to Mexican critical infrastructure and the country’s digital economy.
🛡️ Learn more about the #MexicoRTF:
...and lead the charge to uphold a rules- based international order and responsible state behavior in cyberspace; and fundamentally advance the global conversation on cyber policy. Congratulations David!
Learn more about the winners of the Third Annual #CyberPolicyAwards:
His award for lifetime achievement recognizes achievements over the course of his career at the Cyber Security Agency of Singapore to champion honest and productive dialogue in the international cybersecurity community...
David couldn’t make it to the gala in Washington, DC, so we brought his trophy to San Francisco to present it to him in person!
David Koh, the Commissioner of Cybersecurity and Chief Executive of the Cyber Security Agency of Singapore, was one of 7 winners of the Third Annual Cyber Policy Awards™ last month. The annual gala recognized achievement in cyber policy across policy, partnerships, research, journalism, and more.
🏆 At #RSAC this week, IST Chief Strategy Officer Megan Stifel, alongside Cyber Policy Awards Organizing Committee member Chris Painter and former National Cyber Director Chris Inglis, presented David Koh with the Cyber Policy Award™ for Lifetime Achievement.
For @cybersecuritydive.bsky.social, @ericjgeller.com gives a readout on yesterday’s #RSAC panel with @samsabin.bsky.social, @megans.bsky.social & more. “the rush to attribute is a risky one,” Megan said, noting that businesses should pause before naming a threat actor after an attack.
🛡️ Read more:
IST CSO @megans.bsky.social joined @claroty.bsky.social to discuss her recent op-ed on the Trump admin's National Cybersecurity Strategy: “We are at a place where industry probably has the best insight...together with the gov, we can really have a more offensive playbook."
🛡️ Watch the full ep:
“The risk tolerance of government looks a lot different than the risk tolerance of industry,” IST's Nicholas Leiserson sat down at #RSA with Congressional staffers to debrief on the recent legislative developments on information sharing, regulatory harmonization, the CVE program and more.
“We should have had Secure by Design a decade ago. We could have, should have, would have — but most of the country is living below the security poverty line. We need practical, shovel‑ready defenses now,” Josh said.
🛡️ Find IST at RSAC:
Is secure-by-design too late for our critical lifeline functions? At #RSA, IST's Josh Corman & Lauren Zabierek discuss the growing threat to our critical infrastructure systems and propose practical solutions, including both #SecurebyDesign and #CyberInformedEngineering principles.
Next up at #RSAC, IST's Nicholas Leiserson moderates a discussion with Congressional staff charged with overseeing the US government’s software systems, covering legislative developments on information sharing, regulatory harmonization, the CVE program & more. Join in Moscone West 2007 at 2:25 PM.
