Five Cybersecurity Tips from Book by Dream Team

"The risk is existential. Nothing is more important," says Visa CEO Charles Scharf of cybersecurity in Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers. (All other books may be interesting, thought-provoking and thorough...but they ain't definitive.) We stopped by a launch party for the book at Baker & McKenzie's DC office with co-hosts Palo Alto Networks and The Chertoff Group.

On the terrace, we snapped DHS Deputy Secretary Alejandro Mayorkas and Baker & McKenzie global cybersecurity chair David Lashway. David authored a chapter in the book, which was published by the New York Stock Exchange and network security company Palo Alto Networks. Here are five insights from the book and launch party:

1. There's no standard of care that guides companies and individuals when it comes to cybersecurity, says Alejandro. They're seeing the standard defined through regulatory action and the actions of state AGs, which is a precarious position for GCs, he says.

2. There's tension between government and the private sector, with a volatile area between legitimate privacy interests and the government's need to investigate terrorist and criminal activity.

Former Special Assistant to the President (Obama) and Senior Director for Cybersecurity National Security Council at the White House Ari Schwartz.

3. DHS is a proponent of removing the profit element from sharing cyber threat indicators, says Alejandro, making those a service of the public good. Information sharing raises the bar of cyber hygiene throughout the system and, for hackers, raises the cost of doing business. (One consequence, as Palo Alto's CEO points out in the book, is forcing hackers to pool resources, making them more visible to law enforcement.)

Retired Major Gen. John Davis, center, is Palo Alto Networks' VP and Chief Security Officer.

4. John says a change to a "prevention mindset" is imperative. The company's cybersecurity focus is on technology (real-time integrated network sharing, not just by malware signatures but by behaviors), people (training on issues like "removable media" and insider threat), and processes (top-down management and information sharing between organizations).

5. On the Cybersecurity Information Sharing Act, John tells us they're waiting to see the final language before taking a stand. But they do believe developing trusted partnerships is important. The company is one founder of the Cyber Threat Alliance. Each member of the group agrees to share 1,000 new malware signatures per day at no cost.

We also snapped Lockheed Martin Chief Privacy Officer and Associate GC Jim Byrne, Baker & McKenzie global cybersecurity practice co-head John Woods, and Mandiant's Tim Parisi. John's co-chair, David compares today's computer networks to old-time trading at sea, which resulted in many shipwrecks. The advent of a complex system of lighthouses helped secure the system of trade. Like those lighthouses, David says, this book is meant to shed light on the challenges and rocky shoals of modern trade routes.