Recent stories in Cyberscoop and TechCrunch indicate that the Department of Homeland Security is asking Congress to grant the Cybersecurity and Infrastructure Security Agency (CISA) the power to issue administrative subpoenas to internet service providers (ISPs).
Dr. Herb Lin is senior research scholar for cyber policy and security at the Center for International Security and Cooperation and Hank J. Holland Fellow in Cyber Policy and Security at the Hoover Institution, both at Stanford University. His research interests relate broadly to policy-related dimensions of cybersecurity and cyberspace, and he is particularly interested in and knowledgeable about the use of offensive operations in cyberspace, especially as instruments of national policy. In addition to his positions at Stanford University, he is Chief Scientist, Emeritus for the Computer Science and Telecommunications Board, National Research Council (NRC) of the National Academies, where he served from 1990 through 2014 as study director of major projects on public policy and information technology, and Adjunct Senior Research Scholar and Senior Fellow in Cybersecurity (not in residence) at the Saltzman Institute for War and Peace Studies in the School for International and Public Affairs at Columbia University. Prior to his NRC service, he was a professional staff member and staff scientist for the House Armed Services Committee (1986-1990), where his portfolio included defense policy and arms control issues. He received his doctorate in physics from MIT.
Subscribe to this Lawfare contributor via RSS.
Attorney General William Barr gave a speech on encryption at the International Conference on Cyber Security at Fordham University on July 23 that went over the usual law enforcement arguments for exceptional access.
The New York Times reported on June 15 that “the United States is stepping up digital incursions into Russia’s electric power grid in a warning to President Vladimir V. Putin.” In particular, the Times reported that the United States has deployed code “inside Russia’s grid and other targets”—that is, “potentially crippling malware inside the Russian system, ...
Last month, the First American Financial Corporation—which provides title insurance for millions of Americans—acknowledged a cybersecurity vulnerability that potentially exposed 885 million private financial records related to mortgage deals to unauthorized viewers. These records might have revealed bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and driver’s license images to such viewers.
Today, Lawfare published an article by Alexei Bulazel, Sophia d’Antoine, Perri Adams and Dave Aitel on “The Risks of Huawei Risk Mitigation” that seemingly disagrees with an earlier piece of mine on the topic.
Despite Google’s recent dissolution of its artificial intelligence (AI) ethics board, IT vendors (including Google) are increasingly defining principles to guide the development of AI applications and solutions. And it’s worth taking a look at what these principles actually say.
Based on cybersecurity concerns, the United States, Australia and New Zealand have staked out policy positions that prevent or strongly discourage the acquisition of Huawei 5G technology for use in the national communications infrastructure of these nations. Other U.S. allies have announced or are considering policy positions that do not go so far and would indeed allow such acquisition at least to some extent.