Dave Aitel

daitelguest's picture

Dave Aitel

Subscribe to this Lawfare contributor via RSS.

Cyber & Technology

The Risks of Huawei Risk Mitigation

While there is widespread agreement that Huawei devices in 5G infrastructure pose some risk to the U.S. and allied nations, the policy community—in particular the U.K.’s National Cyber Security Centre—has paid insufficient attention to the technical aspects. The discussion must examine not simply whether China would use this technology maliciously, but the specific threats that Huawei equipment could pose and the extent to which these threats can be mitigated.

Cybersecurity

Decreasing Systemic Risk

Recently, Tim Maurer, Ariel Levite, and George Perkovich of the Carnegie Endowment for International Peace released a white-paper with a broad new proposal regarding the offensive cyber operations conducted by nation states, in an attempt to address acknowledged interdependent risk issues within the global financial system.

Cybersecurity

Everything You Know About the Vulnerability Equities Process Is Wrong

The vulnerability equities process (VEP) is broken. While it is designed to ensure the satisfaction of many equities, in reality it satisfies none—or at least, none visible to those beyond the participants of the insular process. Instead of meaningfully shaping best outcomes, the VEP provides thin public relations cover when the US government is questioned on its strategy around vulnerabilities.

Cybersecurity

Cyber Deterrence “At Scale”

This week, Senator Sheldon Whitehouse called for the creation of a cybersecurity “militia” to strengthen US defense. He suggested reexamining a “militia model that lets ordinary citizens come to their country's aid". Whitehouse’s remarks represent a growing focus on exploring mechanisms to incorporate civilian involvement and “active defense” into traditional government activities.

Cybersecurity

Enhancing National Cybersecurity Requires Surrendering the Crypto War

On Monday, Paul Rosenzweig suggested a number of areas in which the recently formed Commission on Enhancing National Cybersecurity should focus in charting the US government’s path forward. While I agree the government must rethink strategic policy choices, Rosenzweig is putting the cart before the horse.