DayZero dives deep in cybersecurity vulnerabilities, and the crime, espionage, and warfare taking place on networked computers. We look at legislation, practice, and litigation over how to keep our networks and critical infrastructure secure; new and emerging threats and how the policy process responds to them; the relationship between cybersecurity other security goods; and cybersecurity in American relations with foreign adversaries and allies.
As The Airing of Grievances overtakes The Patching of Old Machines, Michael Vatis joins me in identifying all the entities who’ve been blamed for WannaCry, starting with Microsoft for not patching Windows XP until after the damage was done.
With the attention of the United States and its allies at present focused on North Korea's nuclear activity, North Korea potentially has greater latitude to act aggressively in the cyber realm, especially against the private sector.
Today a bipartisan group of lawmakers introduced in both the House and Senate a bill that would formalize the Vulnerability Equities Process (VEP) into law.
Allowing Senate staff to use Signal is an important move toward better information security.
I thought the Windows tools were the most damaging the Shadow Brokers have to offer. Today, with the announcement of the Shadow Broker’s Data Dump of the Month club, I may need to eat some crow.
The most important policy question raised by the WannaCry ransomware fiasco is not the most obvious one.
How should we understand NSA's responsibility for the WannaCrypt ransomware attack?
Subscribe to DayZero: Cybersecurity Law and Policy via RSS.