Joel Brenner

Joel F. Brenner specializes in cyber and physical security, data protection and privacy, intelligence law, the administration of classified information and facilities, and the regulation of sensitive cross-border transactions. He was Senior Counsel at the National Security Agency, advising Agency leadership on the public-private effort to create better security for the Internet. From 2006 until mid-2009, he was the head of U.S. counterintelligence under the Director of National Intelligence and was responsible for integrating the counterintelligence activities of the 17 departments and agencies with intelligence authorities, including the FBI and CIA and elements of the Departments of Defense, Energy, and Homeland Security. From 2002 – 2006, Mr. Brenner was NSA’s Inspector General, responsible for that agency’s top-secret internal audits and investigations. He is the author of America the Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare.

Subscribe to this Lawfare contributor via RSS.


What the Trump Administration Must Do to Protect Critical Infrastructure

The critical networks keep America’s lights on, our communications humming, and the banks open for business are insecure, and we’ve known it for a long time. From the Stuxnet virus to Russia’s cyberattack on Ukraine’s electric grid last year, hackers have shown that they can physically disable the systems that control our power, pipelines, railway switches, financial networks, and much else.


U.S. Law Students' Chance to Shape Privacy Law and Expose European Hypocrisy

Many of us on this side of the Atlantic have believed for a long time that citizens’ data is protected as well or better from government access in the United States than it is in Europe, notwithstanding the extraordinary and emotional contrary narrative spurred by the Snowden revelations. Europeans nevertheless continue to challenge U.S. procedures for protecting information. In at least one respect, their position has merit: European citizens have heretofore had no standing to challenge alleged abuse of their data in this country. It appears that may be about to change.

Media Criticism

Hypocrisy Revealed! U.S. Exploits Vulnerabilities, Gathers Foreign Intelligence

We now know the shocking truth. The FBI has success­fully exploited a software vulnerability to obtain access, through recruited hackers, to networks operated by the governments of Brazil, Pakistan, Nige­ria, and Turkey and---hold your breath---Iran and Syria. Even more startling, especially to those despairing of our government agencies’ ability to cooperate with one another, the New York Times (Mark Mazetti) this week disclosed that---get this---“the F.B.I.


The Policy Tension on Zero-Days Will Not Go Away

The proposition that NSA should under no circumstances stockpile zero-day vulnerabilities, but should in all cases disclose them in order to perfect defenses, apparently has appeal in some quarters.  It is based on at least two false assumptions.  The first is that the number of zero-days is finite, or, if not finite, then at least small enough that, at prevailing market prices, the United States could clear the market without either bankrupting the Treasury or creating inflation of Argentine dimensions.  Someone should do the math on this, but surely the assumption is incorrect.  The number o


Cyber Threat Information and the Antitrust Canard

Those of us who tried to do big things in government have learned to be grateful for small things.  Yesterday, the Justice Department’s Antitrust Division and the Federal Trade Commission jointly declared, “they do not believe that antitrust is---or should be---a roadblock to legitimate cybersecurity information sharing.” The business press immediately jumped on this as a giant step forward, removing a big impediment to the sharing of cyber threat information among private parties.