Header graphic for print
Steptoe Cyberblog

Category Archives: Data Breach

Subscribe to Data Breach RSS Feed

Steptoe Cyberlaw Podcast – Interview with Eric Jensen

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

European news and sensibilities dominate episode 112.  I indulge in some unseemly gloating about Europe’s newfound enthusiasm for the PNR data it wasted years of my life trying to negotiate out of the US counterterrorism toolbox.  I pester our guest, Eric Jensen, about his work on the Talinn 2.0 manual covering the law of cyberwar;… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Suzanne Spaulding

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Just how sophisticated are the nations planning and carrying out cyberattacks on electric grids?  Very, is the short answer.   Our guest for episode 111, Suzanne Spaulding, DHS’s Under Secretary for the National Protection and Programs Directorate, lays out just how much planning and resources went into the attack on Ukraine’s grid, what it means for… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Perianne Boring

Posted in Blockchain, Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies, Virtual Currency

In episode 109, we interview Perianne Boring of the Chamber of Digital Commerce on the regulatory challenges of bitcoin and the blockchain.  In the news roundup, we bring back Apple v. FBI for what we hope will be one last round, as the San Bernardino magistrate voids her All Writs Act motion for mootness and… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Adam Segal

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

What kind of internet world order does China want, and will it succeed?  That’s the question we ask Adam Segal, Maurice R. Greenberg Senior Fellow at the Council on Foreign Relation and author of The Hacked World Order.  We review China’s surprising success at getting tech companies to help it build an authoritarian Internet –… Continue Reading

Steptoe Cyberlaw Podcast – Hostfull II

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

Due to technical difficulties, the interview for the 103rd episode will be released as a separate post next week.   In the news roundup, we explore Apple’s brief against providing additional assistance to the FBI in its investigation of the San Bernardino killings.  Michael Vatis finds good and bad in the brief – some entirely plausible arguments… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Glenn Gerstell

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

What is the most surprising discovery a law firm partner makes when he jumps to the National Security Agency?  I direct that and other questions at Glenn Gerstell, who has just finished six months in the job as General Counsel at the National Security Agency. In the news roundup, we begin, of course, with the… Continue Reading

Second Annual Triple Entente Beer Summit

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

Next  Thursday, February 18, from 6:00 pm – 9:00 pm, Alan Cohn and I will be speaking at the “2016 Triple Entente Beer Summit” at the Old Engine 12 Firehouse Restaurant (1626 North Capitol Street Northwest, Washington, DC).  This will be the second annual live recording of the three podcasts – Steptoe Cyberlaw Podcast, Lawfare Podcast, and Rational… Continue Reading

Steptoe Cyberlaw Podcast – Interview with David Kris

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

We devote episode 100 to “section 702” intelligence – the highly productive counterterrorism program that collects data on foreigners from data stored on US servers.  What’s remarkable about the program is its roots:  President Bush’s decision to ignore the clear language of FISA and implement collection without judicial approval.  That decision has now been ratified… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Melanie Teplinsky

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

If there really is another crypto war in Washington, then this week’s podcast features several war correspondents and at least one victim of PTSD.  Our guest is Melanie Teplinsky, former cybersecurity lawyer at Steptoe, adjunct professor at American University’s Washington College of Law, advisory board member for Crowdstrike, and a regular columnist on privacy and… Continue Reading

Steptoe Cyberlaw Podcast – Interview with John Lynch

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Back for a rematch, John Lynch and I return to the “hackback” debate in episode 97, with Jim Lewis of CSIS providing color commentary.  John Lynch is the head of the Justice Department’s computer crime section.  We find more common ground than might be expected but plenty of conflict as well.  I suggest that Sheriff… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Senator Tom Cotton

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

How do you graduate as a conservative with two Harvard degrees? We learn this and much more from Sen. Tom Cotton (R-AR), our guest for episode 96 .  We dive deep with the Senator on the 215 metadata program and its USA FREEDOM Act replacement.  We ask what the future holds for the 702 program, one… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Mike Daugherty

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation

With Wyndham’s surrender to the FTC after a brutal court of appeals opinion, the last outpost of resistance to the FTC’s cybersecurity agenda is Mike Daugherty, CEO of LabMD.  Daugherty refused to take the easy road and enter into a consent decree with the FTC to settle its claim that the company’s security was insufficient… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Rod Beckstrom

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for episode 93 is cybersecurity’s Renaissance Man.  Rod Beckstrom started DHS’s National Cybersecurity Center, then headed ICANN; before and after those gigs, he was a Silicon Valley investor and officer in security startups as early as the 1990s and as recently as this year.  Our interview spans Rod’s career and what it has… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Mark Shuttleworth

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

The NSA metadata program that is set to expire in two weeks was designed to provide early warning of a terror attack planned in a foreign safe haven and carried out inside the United States.  Those are some of the most deadly terror attacks we’ve seen, from 9/11 to Mumbai.  And now Paris. So should… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Adam Kozy and Johannes Gilger

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Where the hell are the FTC, Silicon Valley, and CDT when human rights and privacy are on the line? If the United States announced that it had been installing malware on 2% of all the laptops that crossed US borders, the lawsuits would be flying thick and fast, and every company in Silicon Valley would… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ari Schwartz

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

What good is CISA, anyway? Now that both the House and Senate have passed information sharing bills that are strikingly similar but not identical, the prospects for a change in the law are good.  But what changes, and how much difference will they make to network defenders?  That’s the topic we explore in episode 87… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Mikko Hypponen

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Are Russian hacker-spies a bunch of lethargic government drones more interested in smash-and-grabs than stealth?  That’s one of the questions we pose to Mikko Hypponen in episode 86 (right after we ask about how to pronounce his name; turns out, that’s harder than you think).  Mikko is the Chief Research Officer at F-Secure and a… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jack Goldsmith

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

In episode 84 our guest is Jack Goldsmith, Professor at Harvard Law School, a Senior Fellow at the Hoover Institution at Stanford University, and co-founder of the Lawfare blog.  Before coming to Harvard, he served as Assistant Attorney General, Office of Legal Counsel and Special Counsel to the Department of Defense.  From cyberespionage to the… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Bruce Schneier

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Bruce Schneier joins Stewart Baker and Alan Cohn for an episode recorded live in front of an audience of security and privacy professionals.  Appearing at the conference Privacy.Security.Risk. 2015., sponsored by the IAPP and the Cloud Security Alliance, Bruce Schneier talks through recent developments in law and technology. The three of us stare into the pit… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jim Lewis

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Cyberlaw negotiations are the theme of episode 82, as the US and China strike a potentially significant agreement on commercial cyberespionage and Europeans focus on tearing up agreements with the US and intruding on US sovereignty. Our guest for the episode is Jim Lewis, a senior fellow and director of the Strategic Technologies Program at… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Margie Gilbert

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Episode 81 features China in the Bull Shop, as the White House prepares for President Xi’s visit and what could be ugly talks on cyber issues.  Our guest commentator, Margie Gilbert, is a network security professional with service at NSA, CIA, ODNI, Congress, and the NSC.  Now at Team Cymru, she’s able to offer a… Continue Reading

Steptoe Cyberlaw Podcast – Hostfull

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Still trying to dig out from under our hiatus backlog, we devote episode 80 to our regulars.  We’ll bring back a guest next week.  This week it’s a double dose of Jason Weinstein, Michael Vatis, Stewart Baker, and Congress-watcher Doug Kantor. Michael offers an analysis of the Second Circuit’s oral argument in the Microsoft lawsuit… Continue Reading