Latest Reporting
CYBERCOM

Should NSA and CYBERCOM Split? The Legal and Policy Hurdles as They Developed Over the Past Year

In light of Michael Sulmeyer’s excellent recent piece on splitting NSA and CYBERCOM, which ran at War on the Rocks last week, I want to pull together some of the key legal and policy developments of the past year in a single narrative.  My aim is to put them in context with each other in a way that will provide useful background for those new to this issue, while also putting a spotlight on the deconfliction-of-equities issue that the split proposal raises.

Cybersecurity

Rediscovering Vulnerabilities

Software and computer systems are a standard target of intelligence collection in an age where everything from your phone to your sneakers has been turned into a connected computing device. A modern government intelligence organization must maintain access to some software vulnerabilities into order to target these devices. However, the WannaCry ransomware and NotPetya attacks have called attention to the perennial flipside of this issue—the same vulnerabilities that the U.S. government uses to conduct this targeting can also be exploited by malicious actors if they go unpatched.

Subscribe to DayZero: Cybersecurity Law and Policy

Subscribe

Subscribe to DayZero: Cybersecurity Law and Policy via RSS.