A Step

The Securities and Exchange Commission is thinking about requiring publicly traded companies “promptly” to report data breaches and other significant cybersecurity incidents; “promptly” meaning within four days. Targeted companies, further, would be required to provide periodic updates about previous incidents and to report when a series of previously undisclosed, individually immaterial cybersecurity events has become material in the aggregate.

SEC Chairman Gary Gensler:

Cybersecurity incidents, unfortunately, happen a lot. Thus, investors increasingly seek information about cybersecurity risks, which can affect their investment decisions and returns.

Good to see Captain Sort of Obvious is more or less on top of this. There’s more to it, though, than just investment decisions.

Hacking our businesses aren’t only detrimental to the targeted companies. They’re far too often deliberate, coordinated attacks across industries, and so are threats to our national security. The attacks, even if done in isolation from each other by independently acting criminals (which is what hackers are), far too often aggregate into a threat to our national security.

Requiring reporting within four days is an improvement over the current weeks to months of delay. However, at the speed with which a hack attack can proceed through networks and across the Internet to other networks—especially with the cloud so ubiquitously in the middle—it’s necessary for the attacked business to report the fact of the attack immediately, not some convenient period of time later.

The rule should be expanded, too; although the expansion I suggest would be beyond the SEC’s ken, and so it would need to be enacted by Congress: private companies should be required to report such attacks, also, and just as promptly.

Russia, No-Fly Zones, and War

Highly touted Russia expert Rebekah Koffler ridiculed the idea of a no-fly zone being erected over Ukraine. Her disdain is not at all centered on practicalities—basing, logistics, etc—but on fear of war with Russia.

The Hill: Foreign policy experts call for ‘limited no-fly zone’ over Ukraine
Same “experts” who got UKR-RUS into this conflict in the first place, by promoting foolish ideas, not grounded in reality.
Now dragging us into WWIII.

And

If the “experts” believe a no-fly zone will make Putin stand down, they are dumb.
If they are running a PSYOP on Putin, it will have the opposite effect. Putin doesn’t think like an American. He thinks like a Russian.
P will interpret the move as escalatory, not de-escalatory.

Koffler’s underlying thesis that Putin doesn’t think like us is right. But in her terror of confronting Putin with a no-fly zone over Ukraine, she wants us to back away from a Putin threat of war against us. Talk about “dumb as a Siberian shoe….”

Her position raises the question: what are her recognition keys for when it is…appropriate…for us to stop backing away from Putin and instead to stand and confront him?

This “Russia expert” is carefully silent on matter. Maybe she’s not dumb as a Siberian shoe…. Maybe it’s more that As a lamb she sitteth meke and stille, as leef on lynde.