Paul Rosenzweig

prosenzweig's picture

Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Fellow at the R Street Institute. He is also a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University and a Board Member of the Journal of National Security Law and Policy.

Subscribe to this Lawfare contributor via RSS.

Cybersecurity

Preliminary Observations on the Utility of Measuring Cybersecurity

Cybersecurity is a bit like obscenity. It seems that we know it when we see it, but we have a great deal of difficulty describing it, categorizing it or counting it. Much as with obscenity, there are some obvious answers on which all can agree—having an “internet of things” system with a hard-coded password of “123456” is insecure by any measure—but there is a vast gray area in between the poles where tradeoffs, cost-benefit assessments, and issues of practicality and scalability lurk.

The Russia Connection

Jared, Call the FBI

In a remarkable interview with Axios on HBO, Jared Kushner, a senior adviser in the White House (and, coincidentally, the president's son-in-law), made a number of notable statements. Among them is his ambivalence regarding how he might handle a Russian approach (akin to the infamous Trump Tower meeting) if it were to happen again.

Cybersecurity

Progress in Cybersecurity: Toward a System of Measurement

How do we quantify safety and security? That fundamental question underlies almost all modern national security questions (and, naturally, most commercial questions about risk as well). The cost-benefit analysis inherent in measuring safety and security drives decisions on, to cite just a few examples, new car safety devices, airplane maintenance schedules and the deployment of border security systems. In a world where resources are not infinite, some assessment of risk and risk mitigation necessarily attends any decision—whether it is implicit in the consideration or explicit.