Earlier today the Wall Street Journal’s Risk and Compliance Journal published an interview with me and Steve Chabinsky from Crowdstrike about cybersecurity. In the interview, Steve and I make the case that the current paradigm for protecting companies against cyberattacks isn’t working, and that fixing it involves focusing on aligning private sector and government resources to locate and penalize the bad guys, rather than blaming the victims.

The interview can be found in the Wall Street Journal (subscription required).