Latest in CISA

Cybersecurity

Progress in Cybersecurity: Toward a System of Measurement

How do we quantify safety and security? That fundamental question underlies almost all modern national security questions (and, naturally, most commercial questions about risk as well). The cost-benefit analysis inherent in measuring safety and security drives decisions on, to cite just a few examples, new car safety devices, airplane maintenance schedules and the deployment of border security systems. In a world where resources are not infinite, some assessment of risk and risk mitigation necessarily attends any decision—whether it is implicit in the consideration or explicit.

Cybersecurity

CISA in Context: Privacy Protections and the Portal

When CISA passed the Senate back in October, many commentators warned of the panoply of ways in which a hypothetical DHS information-sharing portal would function to allow companies to collect and then funnel citizens’ private information directly into the hands of the most fearsome elements of the federal government:

The Cyberlaw Podcast

Steptoe Cyberlaw Podcast, Episode #87: An Interview with Ari Schwartz

What good is CISA, anyway?

Now that both the House and Senate have passed information sharing bills that are strikingly similar but not identical, the prospects for a change in the law are good. But what are those changes, and how much difference will they make to network defenders?

The Cyberlaw Podcast

Steptoe Cyberlaw Podcast, Episode #86: An Interview with Mikko Hypponen

Are Russian hacker-spies a bunch of lethargic government drones more interested in smash-and-grabs than stealth? That’s one of the questions we pose to Mikko Hypponen in episode 86 (right after we ask about how to pronounce his name; turns out, that’s harder than you think). Mikko is the Chief Research Officer at F-Secure and a long-time expert in computer security who has spoken and consulted around the world for over 20 years.

The Cyberlaw Podcast

Steptoe Cyberlaw Podcast, Episode #77: An Interview with Bruce Andrews

Our guest for episode 77 is Bruce Andrews, the deputy secretary of the Commerce Department. Alan Cohn and I pepper Bruce with questions about export controls on cybersecurity technology, stopping commercial cyberespionage, the future of the NIST cybersecurity framework, and how we can get on future cybersecurity trade missions, among other things.

In the news roundup, Alan and I puzzle over the administration’s reluctance to blame China for its hacks of US agencies.

The Cyberlaw Podcast

Steptoe Cyberlaw Podcast, Episode #71: An Interview with David Anderson

Privacy advocates are embracing a recent report recommending that the government require bulk data retention by carriers and perhaps web service providers, exercise extraterritorial jurisdiction over data stored abroad, and expand reliance on classified judicial warrants. In what alternative universe is this true, you ask? No need to look far. That’s the state of the debate in our closest ally. The recommendations were given to the United Kingdom by an independent reviewer, David Anderson.

Subscribe to Lawfare

EmailRSSKindle