If the U.S., the U.K. or any other government sought to create an objective framework for decision making, what might that look like?
Sasha Romanosky, PhD, is a policy researcher at the RAND Corporation where he researches topics on the economics of security and privacy, national security, applied microeconomics, and law & economics. He is a former Cyber Policy Advisor at the Department of Defense, and co-author of the Common Vulnerability Scoring System, an international standard for scoring computer vulnerabilities.
Subscribe to this Lawfare contributor via RSS.
How the U.S. government can approach the problem.
More nations need to be talking about how they manage zero day vulnerabilities.
In the world of kinetic military operations, collateral damage is typically straightforward to assess because of well-established definitions, well-understood weapon characteristics, and reasonably well-defined legal and policy frameworks. Sasha Romanosky and Zachary Goldman discuss the challenges of extending this framework to cyberattacks with non-physical consequences.