Header graphic for print
Steptoe Cyberblog

Category Archives: Cybersecurity and Cyberwar

Subscribe to Cybersecurity and Cyberwar RSS Feed

Steptoe Cyberlaw Podcast – Interview with David Sanger

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Uncategorized

168: Globalizing Censorship Episode 168 features the Tinkers-to-Evers-to-Chance of global censorship, as Filipino contractors earning minimum wage delete posts in order to satisfy US tech companies who are trying to satisfy European governments.  In addition to Maury Shenk, our panel of interlocutors includes David Sanger, Chief Washington Correspondent for the New York Times, and Karen… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Kevin Mandia

Posted in Cybersecurity and Cyberwar, Data Breach, International

Episode 166 is the interview that goes with episode 165’s news roundup, released separately to ensure the timeliness of the news. In episode 166, we interview Kevin Mandia, the CEO and Board Director of FireEye, an intelligence-led security company.  FireEye recently outed a new cyberespionage actor associated with the Vietnamese government.  Kevin tells us how… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup

Posted in China, Cybersecurity and Cyberwar, International

Episode 165 is a WannaCry Festivus celebration, as The Airing of Grievances overtakes The Patching of Old Machines. Michael Vatis joins me in identifying all the entities who’ve been blamed for WannaCry, starting with Microsoft for not patching Windows XP until after the damage was done.  (We exonerate Microsoft on that count.) Another candidate for… Continue Reading

Steptoe Cyberlaw Podcast — Interview with Susan Munro

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies, Uncategorized

Episode 163 With our sound system back on line, episode 163 is already a big step up from Lost Episode 162.  (Transcripts of 162 are available for those who wish by sending email to CyberlawPodcast@steptoe.com.) Our interview is with Susan Munro, of Steptoe’s Beijing office.  Susan unwinds the complex spool of cyberlaw measures promulgated by… Continue Reading

Steptoe Cyberlaw Podcast — Interview with Michael Schmitt

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 162: The Law of Armed Vibrators In this episode, I debate Michael Schmitt, a prime mover in two Talinn Manuals on international law and cyber operations. We are joined by an expert on the topic and a new Steptoe partner, Brian Egan, who was formerly the State Department legal adviser, among other accomplishments.  And… Continue Reading

Steptoe Cyberlaw Podcast — News Roundup

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 161: News Roundup In this episode, Alan Cohn and Maury Shenk look at questions in Europe and elsewhere in Stewart’s absence.  Maury delves into why Google was ordered to turn over foreign data accessible from US, a decision that seems at odds with the Microsoft Ireland case.  Alan considers claims made by David Sanger… Continue Reading

Steptoe Cyberlaw Podcast — News Roundup with Julian Sanchez and Gus Hurwitz

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation

Episode 160: News Roundup with Julian Sanchez and Gus Hurwitz This week the podcast features an extended news roundup with two guest commentators – Julian Sanchez of the Cato Institute and Gus Hurwitz of Nebraska Law School. We talk about the latest, mostly overhyped, Shadowbrokers dump, and whether Google Translate can be taught to render… Continue Reading

Steptoe Cyberlaw Podcast – Debate with Greg Nojeim and Jamil Jaffer

Posted in Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

155: Debating Hackback Episode 155 of the podcast offers something new:  equal time for opposing views.  Well, sort of, anyway.  In place of our usual interview, we’re running a debate over hacking back that CSIS sponsored last week.  I argue that US companies should be allowed to hack back; I’m opposed by Greg Nojeim, Senior… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Curtis Dukes and Tony Sager

Posted in Cybersecurity and Cyberwar, Data Breach, Security Programs & Policies

Episode 154:  What cybersecurity experts tell their Moms about computer security In this week’s episode, we ask two acknowledged NSA cybersecurity experts, Curtis Dukes and Tony Sager, both from the Center for Internet Security, what they tell their family members about how to keep their computers, phones, and doorbells safe from hackers. Joining us for… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Matt Tait

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Episode 153:  Fancy Bear, Cozy Bear, and … Sneaky Bear? In this episode, Matt Tait, aka @PwnAllTheThings, takes us on a tour of Russia’s cyberoperations.  Ever wonder why there are three big Russian intel agencies but only two that have nicknames in cybersecurity research?  Matt has the answer to this and all your other Russian… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup with Paul Rosenzweig

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 152: “Alexa, do you have first amendment rights?” Our guest for episode 152 is Paul Rosenzweig, and we tour the horizon with him. In the news roundup, Stephanie Roy outlines the deregulatory tangle around ISPs, privacy, security, and the FCC.  Maury Shenk briefs us on the European legislation authorizing the quashing of terrorist advocacy… Continue Reading

Steptoe Cyberlaw Podcast — Interview with John “Four” Flynn, Heather Adkins, and Troels Oerting

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

In this episode, Stewart Baker goes to RSA and interviews the people that everyone at RSA is hoping to sell to – CISOs. In particular, John “Four” Flynn of Uber, Heather Adkins of Google, and Troels Oerting of Barclays Bank. We ask them what trends at RSA give them hope for the future, which make… Continue Reading

Cybersecurity and the Wassenaar Arrangement — What Needs to Be Done in 2017?

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Cyber threats move at Internet speed and so must cyber responders, to protect networks and data across the globe. Imagine the impact on cybersecurity if responders, innovators, and developers were told to pause and apply for an export license before responding to a threat. With a new round of international negotiations about to begin for… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dominic Rochon and Patricia Kosseim

Posted in Cybersecurity and Cyberwar, Data Breach, International

Our interview features a classic “please don’t read this” headline: “Worthwhile Canadian Initiatives.”  We explore multiple worthwhile Canadian initiatives with Dominic Rochon, deputy chief of policy and communications for CSE, Canada’s version of the NSA and with Patricia Kosseim, general counsel and director general for policy at the Office of Canada’s Privacy Commissioner.  Among other… Continue Reading

2017 Global Cybersecurity Policy: Challenges & Highlights

Posted in Cybersecurity and Cyberwar, International

The growing dependence of states and societies on ICT systems means they face a higher risk of cyberattacks. Increasingly sophisticated hacking attacks target not only individual people and companies, but also highly developed countries. Although cyberattacks can have disastrous consequences, research shows that we still miss the mark in preparedness. Acknowledging the magnitude of the risk, global… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jason Healey

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies, Uncategorized

149:  Thigh-high boots and defense dominance Our guest for episode 149 of the podcast is Jason Healey, whose Atlantic Council paper, “A Nonstate Strategy for Saving Cyberspace,” advocates for an explicit bias toward cyber defense and the private sector.  He responds well to my skeptical questioning, and even my suggestion that his vision of “defense… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Corin Stone

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation

Our guest for episode 148 of the podcast is Corin Stone, the Executive Director of the National Security Agency.  Corin handles some tough questions – should the new team dump PPD-28, how is morale at the agency after the Snowden and Shadowbroker leaks, and will fully separating Cyber Command from NSA mean new turf fights? … Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jack Goldsmith

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation

147: Introducing the Herman Kahn of Cyberspace Our guest interview is with Jack Goldsmith, Shattuck Professor of Law at Harvard and co-founder of Lawfare.  We explore his contrarian view of how to deal with Russian hacking, which leads to me praising (or defaming, take your pick) him as a Herman Kahn for cyberconflict.  Except what’s unthinkable… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Uncategorized

Posse Comitatus: Latin for “Get off my turf”? Would it violate the Posse Comitatus Act to give DOD a bigger role in cybersecurity?  Michael Vatis and I call BS on the idea, which I ascribe to Trump Derangement Syndrome and Michael more charitably ascribes to a DOD-DHS turf fight. Should the FDA allow implants of… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Davis Hake and Nico Sell

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 145:  What Donald Trump and “Occupy Wall Street” have in common We interview two contributors to CSIS’s Cybersecurity Agenda for the 45th President.  Considering the track record of the last three Presidents, it’s hard to be optimistic, but Davis Hake and Nico Sell offer a timely look at some of the most pressing policy… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

We start 2017 the way we ended 2016, mocking the left/lib bias of stories about intercept law.  Remember the European Court of Justice decision that undermined the UK’s new Investigatory Powers Act and struck down bulk data retention laws around Europe?  Yeah, well, not so much.  Maury Shenk walks us through the decision and explains… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Matthew Green

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Vlad’s Botox Fresh off a redeye from Israel, I interview Matthew Green of the Johns Hopkins Information Security Institute.  Security news from the internet of things grows ever grimmer, we agree, but I get off the bus when Matt and the EFF try to solve the problem with free speech law. In the news roundup,… Continue Reading