Header graphic for print
Steptoe Cyberblog

Tag Archives: cybersecurity

Steptoe Cyberlaw Podcast – Interview with Alan Cohn

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for episode 63 of the Cyberlaw Podcast is Alan Cohn, former Assistant Secretary for Strategy, Planning, Analysis & Risk in the DHS Office of Policy and a recent addition at Steptoe.  Alan brings to bear nearly a decade of experience at DHS to measure the Department’s growth.  He explains how it has undertaken… Continue Reading

Treasury Sanctions on Cyber Attackers

Posted in Cybersecurity and Cyberwar, Data Breach, Security Programs & Policies

The executive order allowing the President to impose OFAC sanctions on hackers is good news.  I’ve been calling on the government for several years to go beyond attribution to retribution.  See, for example this post from 2012, this Foreign Policy article, and this recent podcast with Juan Zarate.  Similar sentiments were expressed in a 2013 report… Continue Reading

Why the House Information-Sharing Bill Could Actually Deter Information Sharing

Posted in Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

The House Intelligence Committee has now adopted a manager’s amendment to what it’s now calling the “Protecting Cyber Networks Act.”  Predictably, privacy groups are already inveighing against it. I fear that the House bill is indeed seriously flawed, but not because it invades privacy.  Instead, it appears to pile unworkable new privacy regulations on the… Continue Reading

How Lawyers Can Deter the Cybertheft of Commercial Secrets

Posted in China, Cybersecurity and Cyberwar, International, Security Programs & Policies

Cyberspies can’t count on anonymity any more. The United States (and the private security firm Mandiant) stripped a PLA espionage unit of its cover two years ago with a detailed description of the unit’s individual hackers; that report was followed by federal indictments of members of the unit that described them and their activities is… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Siobhan Gorman

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for Episode 56 of the Cyberlaw Podcast is Siobhan Gorman, who broke many of the top cybersecurity stories for the Wall Street Journal until she left late last year to join the Brunswick Group, which does crisis communications for private companies.  Siobhan comments on the flood of attribution stories in recent days, including… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ben Wittes

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Episode 54 of the Cyberlaw Podcast features a guest appearance by Lawfare’s own Ben Wittes, discussing cybersecurity in the context of his forthcoming book, The Future of Violence, authored by Ben and Gabriella Blum.  (The future of violence, you won’t be surprised to hear, looks bright.)  Ben also floats the idea of taping an episode… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Alexander Klimburg

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

In this week’s episode of the Cyberlaw Podcast, I take our new mobile recording equipment to Paris to talk about Europe’s cybersecurity directive with Alex Klimburg, of the Hague Institute for Strategic Studies and the Harvard Kennedy School’s Belfer Center.  The directive is in its final stages after a two-year buildup, and the most recent… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Shane Harris

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our interview focuses on Shane Harris and his new book, @War:  The Rise of the Military-Internet Complex.   It’s a good read and a good book, marred by the occasional deployment of easy lefty tropes – government contractors are mercenaries, the military sees war as an opportunity to expand turf, cybersecurity is a threat to privacy,… Continue Reading

A Week of Bad News and Good News in Cybersecurity – Here’s What You Need to Know

Posted in Cybersecurity and Cyberwar, Data Breach, Security Programs & Policies

It was a busy week for companies and government agencies struggling to combat the growing threat of cyber-attacks, with some bad news and some good news.  Here’s what you need to know, and how we can help. What you Need to know First, the bad news: Lawsuits against Target move forward and lawsuits against Home… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Troels Oerting

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for the week is Troels Oerting, the head of EC3, Europe’s new cybercrime coordination center.  He talks about EC3’s role in the recent take down of over 400 darknet sites, arrests of travelers using fake credit cards and of users of the Blackshades Remote Access Tool.  He repeats his view that there are… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Orin Kerr

Posted in Cloud Computing, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

We share the program this week with Orin Kerr, a regular guest who knows at least as much as we do about most of these topics and who jumps in on many of them.  Orin, of course, is a professor of law at George Washington University and well-known scholar in computer crime law and Internet surveillance…. Continue Reading

Steptoe Cyberlaw Podcast – Interview with Robert Litt

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest this week is Robert (Bob) Litt, the General Counsel of the Office of the Director of National Intelligence.  Bob has had a distinguished career in government, from his clerkship with Justice Stewart, his time as a prosecutor in the Southern District of New York and at Main Justice, and more than five years… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Admiral David Simpson

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

Our guest today is Admiral David Simpson, Chief of the FCC’s Public Safety and Homeland Security Bureau.  Admiral Simpson has more than 20 years of Information and Communications Technology experience supporting the Department of Defense.  Adm. Simpson is joined by Clete Johnson, his Chief Counsel for Cybersecurity.  The interview digs deep into Chairman Wheeler’s cybersecurity… Continue Reading

9/11 Commission Gingerly Embraces “Direct Action” Against Hackers

Posted in Cybersecurity and Cyberwar, Security Programs & Policies

I’ve long been an advocate for fewer restraints on how the private sector responds to hacking attacks.  If the government can’t stop and can’t punish such attacks, in my view the least it could do is not threaten the victims with felony prosecution for taking reasonable measures in self-defense.  I debated the topic with co-blogger… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dmitri Alperovich

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

This week in NSA: We take a look at the other half of the Lofgren amendment, which prohibits NSA and CIA from asking a company to “alter its product or service to permit electronic surveillance.”  So if Mullah Omar orders a phone from Amazon, the government can’t ask Amazon to put a bug in it… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ralph Langner

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

This week in NSA: The House passes an NDAA amendment to regulate “secondary” searches of 702 data, and the prize for Dumbest NSA Story of the Month Award goes to Andrea Peterson of the Washington Post for exposing NSA’s shocking use of “Skilz points” to encourage its analysts to use new tools to do their… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Paul Rosenzweig

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Our guest for the week, Paul Rosenzweig, is as knowledgeable as anyone about cybersecurity and intelligence law.  He blogs on the topics for Lawfare, writes for the Homeland Security Institute, consults for Red Branch Consulting, and lectures for the Great Courses on Audible. So this week we let him comment on the stories of the… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Congressman Mike Pompeo

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

This week’s interview is with Rep. Mike Pompeo, a member of the House Intelligence Committee who joined the House in 2010 after three careers, any one of which would have been enough for an ordinary man.  First in his class in West Point, he left the Army to study law at Harvard, where he made… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ron Deibert

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

We begin this week’s podcast with Edward Snowden’s NBC interview and the kerfuffle over his claim to have raised concerns about the agency’s intelligence programs before he launched his campaign of leaks.  That leads us (or me, at least) to a meditation on Snowden’s style of truth-telling, which turns out to be almost indistinguishable from,… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Peter Schaar

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Our podcast this week unpacks the European Court of Justice ruling on the right to be forgotten.  We interview Peter Schaar, a proponent of the right to be forgotten and an eminent former data protection chief.  From 2003 to 2013 Peter was the Federal Commissioner for Data Protection and Freedom of Information.  He is currently… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Shane Harris

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

For the first time, we begin the podcast not with NSA on the defensive, but with breaking news of an American counterattack on Chinese cyberspying – the indictment of several PLA members for breaking into US computers to steal commercial information. Our guest for the day, Shane Harris, is ideally suited to analyze the case…. Continue Reading

Steptoe Cyberlaw Podcast – An Interview with Brian Krebs

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

This week’s podcast features Brian Krebs, the noted security researcher behind Krebs on Security.  Brian comments on the week’s news before giving us an interview on the latest in Russian cybercrime.  We talk about why Microsoft is still patching XP – and why that probably gives its lawyers heartburn.  Brian unpacks Covert Redirection, the latest… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Elana Broitman and Shawn Cooley

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

We begin the podcast with This week in NSA, but how long that feature will survive is in doubt.  Because what’s most newsworthy this week is that there was practically no news about NSA.  Or at least no new scandal stories.  The principal new release came from the US government and consisted of a FISA… Continue Reading