Justin Sherman (@jshermcyber) is a fellow at the Atlantic Council's Cyber Statecraft Initiative, a research fellow at the Tech, Law & Security Program at American University Washington College of Law, and a cyber policy fellow at the Duke Tech Policy Lab. He was previously a cybersecurity policy fellow at New America and a fellow at Duke Law School's Center on Law & Technology.
Subscribe to this Lawfare contributor via RSS.
CFIUS forced a Chinese firm to sell Grindr in 2019. Yet the application is sharing data widely today, including to a company in China.
Some U.S. laws and documents provide a foundation. But is a distinction between “data brokers” and the practice of “data brokerage” the right approach?
What does the report reveal about online extremism and the efforts to counter it?
As nations become increasingly interested in defending against supply chain attacks, it is necessary to establish trust in digital systems. Here, we evaluate the strengths and limitations of various trust-building proposals.
Three principles for tackling the security risks of foreign-made software.
Three principles for tackling the security risks of foreign-made software.
A lot of media attention is devoted to foreign-owned software like TikTok and WeChat, but an ongoing and less-covered policy shift is occurring in how the U.S. government screens foreign-owned telecoms for security risks as well.