CIPHER Wednesday, April 12, 2017 Wednesday, April 12,...


Page 1: CIPHER Wednesday, April 12, 2017 Wednesday, April 12, …ctcitraining.org/blog/wp-content/uploads/2017/04/The-Cipher-Daily... · Wednesday, April 12, 2017 ... AnAri Schwartz, Former

Wednesday, April 12, 2017

Today's Insight

The Zero-Day Dilemma: Should Government Disclose Company Cyber Security Gaps? | Levi Maxey, The Cipher Brief
The choices for intelligence agencies are, in short, to either collect and retain zero-day vulnerabilities to glean crucial intelligence, or, instead, to collect and disclose security flaws to companies so that they may design and distribute patches for them.

Expert Commentary

Intel Agencies That See Something Should Say Something | Marshall Erwin, Senior Staff Analyst, Mozilla
Past debate about vulnerability disclosure has focused on the potential for independent discovery, meaning that if the U.S. government knows about an unpatched vulnerability in, for example, an electronic device’s source code, that vulnerability could be independently discovered by a foreign adversary – an event known as a collision – and used by that adversary.

Who Decides When to Tell a Company Its IT is Vulnerable | Ari Schwartz, Former Senior Director for Cybersecurity, National Security Council
"The recent high-profile leaks demonstrate the importance of the Vulnerabilities Equities Process and explain the push to re-establish and strengthen it during the Obama administration. It is much more difficult to keep secrets than it used to be. Government agencies should not assume that they will be the only ones that know about a particular vulnerability for years, as was true in the past."

Today's Column: Expert View

The Russian B Team | John Sipher, Former Member, CIA's Senior Intelligence Service
"As a former intelligence professional, I was not impressed with the Russian operation. I would have given them their due if the attacks were elegant, subtle, and hid the Russian hand. Instead, despite the importance of the target (the U.S. democratic system), the attack was no more than a lame phishing expedition by a known Russian proxy. It appeared to require minimal effort, displayed no style, and was poorly hidden."

Podcasts

The Cipher Brief Daily Podcast

Get a daily rundown of the top security stories and previews of the exclusive content available on The Cipher Brief. Listen now - on iTunes or on our website

15 Minutes


This week The Cipher Brief's Executive Producer and Reporter Leone Lakhani speaks to Carmen Medina, former CIA Deputy Director of Intelligence and a long-time advocate of diversity in the Agency. She’s also the co-author of Rebels at Work, a book in which she shares the virtues of being a rebel in the workplace. A self-styled rebel herself, Carmen tells Leone how she shook up the Agency, and why she sees the world differently.

Listen to 15 Minutes with Carmen Medina on Diversity at the CIA - or get it on iTunes.

The Cipher Brief Annual Threat Conference, June 21-23, 2017, Sea Island, GA
Click here for more information

Don't Miss On The Cipher Brief

Despite Rhetoric, U.S. Policy on Russia Unclear | Kaitlin Lavinder and Mackenzie Weinger, The Cipher Brief
Secretary of State Rex Tillerson is in Moscow for meetings with Russian officials at a time when U.S. rhetoric toward Russia has intensified in the wake of a deadly chemical weapons attack in Syria.

Trump says North Korea "Looking for Trouble" | Steve Hirsch, The Cipher Brief
It is too early to tell whether the U.S. military responses to North Korea and Syria signal a policy shift or emergence of a Trump administration strategy, a handful of members of The Cipher Brief Network say. Although President Donald Trump has seen support from some surprising quarters over recent days, particularly in reaction to the Syria missile strike, our experts are cautious about assuming the moves reveal a new policy by a still-new administration.

State of Play Review: Homeland Finale, "America First" | Michael Sulick, Former Director, CIA National Clandestine Service
In this ongoing series, Michael Sulick reviews each episode of Showtime's "Homeland" - and adds what the national security-focused show "nailed" and "failed" from his perspective as a former senior member of the intel community.

The Cipher Brief is hiring.

Do you have a favorite way to spell “Muammar Qaddafi?” Then you’ll probably fit right in at The Cipher Brief. Join us as we report on evolving security threats around the globe.

Featured Job: Digital Media Manager

We’re looking for someone with a strong background in national security and intelligence, a knack for creating killer content, and experience working with various social media platforms in a news context. Find out more

The Cipher Take

South Korean Presidential Frontrunner Open to Direct Talks with North Korea
Moon Jae-in, the Democratic Party candidate and current presidential frontrunner in South Korea, stated that he would deal directly with North Korean leader Kim Jong-un in order to stop the North’s nuclear program. Moon said, “I feel that we should take the lead,” and, “At present, we are spectators who hope for the U.S.-China talks to go well.”

The Cipher Take: The outcome of the South Korean election, which will occur May 9, could have important ramifications for U.S. North Korea policy. Since the impeachment of former President Park Geun-hye, South Korea has been leaderless on foreign policy. Moon’s proposed policy of direct dealings with North Korea would go against recent U.S. policies of sanctions and shows of force. The U.S. may find a more agreeable ally if a conservative candidate wins, as historically conservatives favor a hardline stance on North Korea. No matter who wins May 9, the U.S. will lose some of its freedom in pursuing North Korea policy as it will have to cooperate with the new South Korean administration.

Want more of The Cipher Take? Read the rest of our analysis on today's headlines at thecipherbrief.com.

Upcoming Cipher Brief Events

The Cipher Brief's State of Play Salon Series Presents: #1 New York Times Bestselling Author, Alex Berenson | Wednesday, April 26
The Cipher Brief's CEO Suzanne Kelly welcomes Alex Berenson, the author of the critically acclaimed John Wells series. Alex will be discussing his latest book, The Prisoner, as well as how he balances the world of espionage with entertainment. You’ll discover how a New York Times reporter became a world-renowned author whose work is a must-read for national security veterans.
Limited space available upon request.

General Keith Alexander
Former Director, National Security Agency

"The Cipher Brief is comprehensive providing in-depth expertise that spans globally relevant issues. In a world that is constantly changing, the Cipher Brief is proactive in identifying the critical conversations and engaging subject matter experts in the public and private sectors to help drive solutions."

Copyright © 2017 The Cipher, All rights reserved.