In emergencies, federal agencies can avoid cumbersome rulemaking procedures. Uses of the “good cause” exception following 9/11 and the outbreak of the coronavirus offer insights relevant to the current cybersecurity threats to critical infrastructure.
Jim Dempsey is a lecturer at the UC Berkeley Law School and a senior policy advisor at the Stanford Cyber Policy Center. From 2012-2017, he served as a part-time member of the Privacy and Civil Liberties Oversight Board. He is the author of Cybersecurity Law Fundamentals (IAPP, 2021).
Subscribe to this Lawfare contributor via RSS.
Many federal agencies have existing authority that could be leveraged to improve the cybersecurity of private actors under their jurisdiction.
Systems based on artificial intelligence are susceptible to adversarial attack. Vulnerability disclosure and management practices can help address the risk.
A new directive on pipeline security issued by the TSA may signal a wider change in the government’s approach to cybersecurity policy.
In a paper we are making public today, we go beyond private right of action and preemption to consider enforcement frameworks outside the privacy field.
The new legislation is largely a ratification of measures already underway or completed.
The latest moves are part of a comprehensive strategy to purge anything Chinese from the U.S. telecommunications and internet ecosystem.