How the U.S. government can approach the problem.
Sasha Romanosky, PhD, is a policy researcher at the RAND Corporation where he researches topics on the economics of security and privacy, national security, applied microeconomics, and law & economics. He is a former Cyber Policy Advisor at the Department of Defense, and co-author of the Common Vulnerability Scoring System, an international standard for scoring computer vulnerabilities.
Subscribe to this Lawfare contributor via RSS.
More nations need to be talking about how they manage zero day vulnerabilities.
In the world of kinetic military operations, collateral damage is typically straightforward to assess because of well-established definitions, well-understood weapon characteristics, and reasonably well-defined legal and policy frameworks. Sasha Romanosky and Zachary Goldman discuss the challenges of extending this framework to cyberattacks with non-physical consequences.