Gregory Falco

Gregory Falco is a Security Researcher at Stanford focusing on Cyber Risk Management and Cyber Insurance. He received his PhD from MIT in Cybersecurity, Urban Science and Infrastructure Management, where he conducted research at the Computer Science and Artificial Intelligence Laboratory (CSAIL). He is the CEO and Co-Founder of NeuroMesh, an IoT Security Company that is working with major smart grid, routing, and electronics manufacturers to secure their devices using the bitcoin blockchain and machine learning. Falco was listed on Forbes 30 Under 30 in Enterprise Technology for his pioneering work in this field. He has taught at Columbia University, Harvard University, and MIT on topics including Smart Cities/IoT, Intro to Machine Learning and Python, and Cyber Risk Management. Falco will be teaching a course at Stanford in the Spring on Cyber Risk. He has published in top IEEE Journals, frequently speaks at industry conferences and is working on an executive's handbook to Cyber Risk. Falco's current work at Stanford includes developing a research agenda for Cyber Risk and analyzing the crucial role of the cyber insurance industry. His dissertation was funded in part by NASA's Jet Propulsion Laboratory and focused on building attack methodologies for AI Planners to secure space mission systems. Falco also developed and investigated the emergent field of Defensive Social Engineering (using social engineering against hackers) and Cyber Negotiation. Prior to his academic career, Falco was an executive at Accenture where he co-founded and led their Smart City Strategy practice.

Subscribe to this Lawfare contributor via RSS.

Cybersecurity and Deterrence

Active Cyber Defense and Interpreting the Computer Fraud and Abuse Act

In the cybersecurity field, the term “active defense” is often used in a variety of ways, referring to any activity undertaken outside the legitimate span of control of an organization being attacked; any non-cooperative, harmful or damaging activity undertaken outside such scope; or any proactive step taken inside or outside that span of control.