Herb Lin

HLin's picture

Dr. Herb Lin is senior research scholar for cyber policy and security at the Center for International Security and Cooperation and Hank J. Holland Fellow in Cyber Policy and Security at the Hoover Institution, both at Stanford University. His research interests relate broadly to policy-related dimensions of cybersecurity and cyberspace, and he is particularly interested in and knowledgeable about the use of offensive operations in cyberspace, especially as instruments of national policy. In addition to his positions at Stanford University, he is Chief Scientist, Emeritus for the Computer Science and Telecommunications Board, National Research Council (NRC) of the National Academies, where he served from 1990 through 2014 as study director of major projects on public policy and information technology, and Adjunct Senior Research Scholar and Senior Fellow in Cybersecurity (not in residence) at the Saltzman Institute for War and Peace Studies in the School for International and Public Affairs at Columbia University. Prior to his NRC service, he was a professional staff member and staff scientist for the House Armed Services Committee (1986-1990), where his portfolio included defense policy and arms control issues. He received his doctorate in physics from MIT.

Subscribe to this Lawfare contributor via RSS.

Encryption

A Lesson from the College Admissions Scandal for the Encryption Debate

Last Tuesday, the U.S. attorney’s office in Massachusetts announced charges against dozens of parents, college sports coaches and test-prep teachers with in a scheme to win admission to big name universities including Georgetown, Yale and Stanford. Of particular interest for this blog posting is the following excerpt from one of the charging documents.

Cybersecurity and Deterrence

Active Cyber Defense and Interpreting the Computer Fraud and Abuse Act

In the cybersecurity field, the term “active defense” is often used in a variety of ways, referring to any activity undertaken outside the legitimate span of control of an organization being attacked; any non-cooperative, harmful or damaging activity undertaken outside such scope; or any proactive step taken inside or outside that span of control.

Cyber & Technology

Proposal for a Cyber-International Committee of the Red Cross

This article proposes the creation of an international organization modeled after the International Committee of the Red Cross (ICRC) to provide assistance and relief to vulnerable citizens and enterprises affected by serious cyberattacks. Companies that have signed onto the Tech Accord principles would form the core of the organization, thereby filling an important gap in an increasingly volatile geopolitical environment.