Congress should facilitate cross-pollination of talent between private-sector technologists and government agencies.
Latest in Cyber & Technology
AJIL Unbound is publishing an online symposium on sovereignty and cyber operations.
A working group at the Federalist Society's Regulatory Transparency Project has a new white paper on regulating emerging technologies.
Companies like Facebook and Google might appear to provide something like a public utility, but should the government regulate them as such?
In light of Michael Sulmeyer’s excellent recent piece on splitting NSA and CYBERCOM, which ran at War on the Rocks last week, I want to pull together some of the key legal and policy developments of the past year in a single narrative. My aim is to put them in context with each other in a way that will provide useful background for those new to this issue, while also putting a spotlight on the deconfliction-of-equities issue that the split proposal raises.
C4ISRNET recently published an interesting and useful four-part series exploring what U.S. Cyber Command will need to operate on its own, separate from the National Security Agency. (Part I is here and provides links to the other parts in the series.)
The recent WannaCry and NotPetya global cyber incidents have fueled the debate already raging over the role of and limits on corporate self-defense in cyberspace. The emerging international practice of “active cyber defense” (ACD) moves this debate beyond the merely theoretical realm. Private sector active defense potentially shifts the balance in favor of defenders and would improve companies’ ability to complicate and disrupt attacks and mitigate damages.
The University of California, Irvine’s new Cybersecurity Policy & Research Institute (CPRI), which opened last year under the directorship of Bryan Cunningham, launched several interesting new cybersecurity initiatives earlier this week, including a research project on cyberattack attribution and supply chain security; a law enforcement cyber training program; a cyber victims defense clinic, and a curriculum development effort for high school students. The press release is here.
Inspecting anti-virus source code is probably not enough to make Kaspersky products a safe tool for Congress.