Events , RSA Conference , RSA Conference Videos

How 'Radical Transparency' Can Bolster Cybersecurity

Ex-DHS Official Suzanne Spaulding and Jim Richberg of Fortinet on Critical Concepts
Jim Richberg, head of global policy and field CISO, Fortinet, and Suzanne Spaulding, former undersecretary, Department of Homeland Security

The concept of "responsible radical transparency" plays a critical role in efforts to improve the state of cybersecurity, said Suzanne Spaulding, former undersecretary, Department of Homeland Security, and Jim Richberg, head of global policy and field CISO at security firm Fortinet.

See Also: NHS Ransomware Attack: Healthcare Industry Infrastructures Are Critical

"The shelf life of secrets is vanishingly short," Spaulding said. "There are tremendous costs in trying to keep information secret, and there are also opportunity costs, as we saw in 9/11 where we failed to share information."

"A transparent world is coming full steam ahead," she added. "If you train to fight in the dark, you could meet your enemy in the dark, turn off the light, and you'd have the advantage. But we need to train to fight in the light. Whoever can learn to operate in a transparent world with fewer secrets is going to have the advantage."

Richberg pointed out that defenders need good metrics. "We are really too often guessing at something or throwing darts at a dartboard," he said.

In this video interview with Information Security Media Group at RSA Conference 2024, Richberg and Spaulding also discussed:

  • How U.S. government agencies such as CISA have begun to embrace "responsible radical transparency" in their various programs;
  • The significance of technology vendors taking CISA's seven-point voluntary "secure by design" pledge, which embraces responsible radical transparency;
  • Why a "transparent world is coming."

Richberg has more than 30 years of experience driving innovation in cyber intelligence, policy and strategy for the U.S. government and international partners. He served as National Intelligence Manager for Cyber and as the senior Federal Executive focused on cyber intelligence within the more than $80 billion U.S. Intelligence Community annual operating budget. He was the senior adviser to the Director of National Intelligence on cyber issues and set collection and analytic priorities for the IC's 17 departments and agencies on cyberthreats. 

Spaulding serves as a member of the Cyberspace Solarium Commission and is also senior adviser for homeland security and director of the Defending Democratic Institutions project at the Center for Strategic and International Studies. Previously, she served as undersecretary for the Department of Homeland Security, where she led the National Protection and Programs Directorate, which has transitioned to become the Cybersecurity and Infrastructure Security Agency. She has worked in the executive branch in Republican and Democratic administrations and on both sides of the aisle in Congress. She was general counsel for the Senate Select Committee on Intelligence and minority staff director for the House of Representatives Permanent Select Committee on Intelligence.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.