Header graphic for print
Steptoe Cyberblog

Tag Archives: cybersecurity

Second Annual Triple Entente Beer Summit

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

Next  Thursday, February 18, from 6:00 pm – 9:00 pm, Alan Cohn and I will be speaking at the “2016 Triple Entente Beer Summit” at the Old Engine 12 Firehouse Restaurant (1626 North Capitol Street Northwest, Washington, DC).  This will be the second annual live recording of the three podcasts – Steptoe Cyberlaw Podcast, Lawfare Podcast, and Rational… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Amit Ashkenazi

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Our guest is Amit Ashkenazi, whom I interviewed while in Israel.  Amit is Legal Advisor of The Israel National Cyber Bureau and a former general counsel to Israel’s data protection agency.  Israel is drafting its own cybersecurity act, and we discuss what if anything that country can learn from the US debate – and what… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Melanie Teplinsky

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

If there really is another crypto war in Washington, then this week’s podcast features several war correspondents and at least one victim of PTSD.  Our guest is Melanie Teplinsky, former cybersecurity lawyer at Steptoe, adjunct professor at American University’s Washington College of Law, advisory board member for Crowdstrike, and a regular columnist on privacy and… Continue Reading

Steptoe Cyberlaw Podcast – Interview with John Lynch

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Back for a rematch, John Lynch and I return to the “hackback” debate in episode 97, with Jim Lewis of CSIS providing color commentary.  John Lynch is the head of the Justice Department’s computer crime section.  We find more common ground than might be expected but plenty of conflict as well.  I suggest that Sheriff… Continue Reading

Time to Get Serious About Europe’s Sabotage of US Terror Intelligence Programs

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

The intelligence tools that protect us from terrorism are under attack, and from an unlikely quarter. Europe, which depends on America’s intelligence reach to fend off terrorists, has embarked on a path that will sabotage some of our most important intelligence capabilities. This crisis has been a long time brewing, and up to now, the… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Senator Tom Cotton

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

How do you graduate as a conservative with two Harvard degrees? We learn this and much more from Sen. Tom Cotton (R-AR), our guest for episode 96 .  We dive deep with the Senator on the 215 metadata program and its USA FREEDOM Act replacement.  We ask what the future holds for the 702 program, one… Continue Reading

OFAC Issues Cyber-Related Sanctions Regulations

Posted in Cybersecurity and Cyberwar, Security Programs & Policies

On December 31, 2015, the US Treasury Department, Office of Foreign Assets Control (OFAC) issued the Cyber-Related Sanctions Regulations (CRSR), 31 C.F.R. Part 578.  The CRSR formally implement the sanctions set forth in Executive Order (EO) 13694 of April 1, 2015, which authorizes sanctions against persons involved in malicious “cyber-enabled” activities, and are effective immediately. Read… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Nick Weaver

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

We’re back from hiatus with a boatload of news and a cautiously libertarian technologist guest in Nick Weaver of the International Computer Science Institute in Berkeley.  To start Episode 95 of the podcast, Michael Vatis and I plumb the meaning of the Cyber Security Act’s passage.  The big news?  Apparently Santa is real, state laws… Continue Reading

CFTC Adopts Proposed Cybersecurity Regulations

Posted in Cybersecurity and Cyberwar, Security Programs & Policies

On Wednesday, December 16, 2015, the Commodity Futures Trading Commission (CFTC or Commission) approved for publication two proposed rules to amend existing regulations addressing cybersecurity.  The proposed rules would establish testing obligations and safeguards for the automated systems used by designated contract markets (DCMs), swap execution facilities (SEFs), swap data repositories (SDRs) (the Exchange Proposal),… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Mike Daugherty

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation

With Wyndham’s surrender to the FTC after a brutal court of appeals opinion, the last outpost of resistance to the FTC’s cybersecurity agenda is Mike Daugherty, CEO of LabMD.  Daugherty refused to take the easy road and enter into a consent decree with the FTC to settle its claim that the company’s security was insufficient… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Rod Beckstrom

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guest for episode 93 is cybersecurity’s Renaissance Man.  Rod Beckstrom started DHS’s National Cybersecurity Center, then headed ICANN; before and after those gigs, he was a Silicon Valley investor and officer in security startups as early as the 1990s and as recently as this year.  Our interview spans Rod’s career and what it has… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ellen Nakashima and Tony Cole

Posted in China, Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Did China’s PLA really stop hacking US companies for commercial secrets? And does it matter? In episode 92, we ask those questions and more of two experts on the topic ‒ Washington Post reporter Ellen Nakashima, who has broken many stories on PLA hacking, and Tony Cole, the Global Government CTO with FireEye, who has… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Mark Shuttleworth

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

The NSA metadata program that is set to expire in two weeks was designed to provide early warning of a terror attack planned in a foreign safe haven and carried out inside the United States.  Those are some of the most deadly terror attacks we’ve seen, from 9/11 to Mumbai.  And now Paris. So should… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Adam Kozy and Johannes Gilger

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Where the hell are the FTC, Silicon Valley, and CDT when human rights and privacy are on the line? If the United States announced that it had been installing malware on 2% of all the laptops that crossed US borders, the lawsuits would be flying thick and fast, and every company in Silicon Valley would… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Gen. Michael Hayden

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Want to see cyber attribution and deterrence in action? In August, a hacker pulled the names of US military personnel and others out of a corporate network and passed them to ISIL. British jihadist Junaid Hussain exulted when ISIL released the names. “They have us on their ‘hit list,’ and we have them on ours… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Jim Lewis

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Cyberlaw negotiations are the theme of episode 82, as the US and China strike a potentially significant agreement on commercial cyberespionage and Europeans focus on tearing up agreements with the US and intruding on US sovereignty. Our guest for the episode is Jim Lewis, a senior fellow and director of the Strategic Technologies Program at… Continue Reading

Steptoe Cyberlaw Podcast – Hostfull

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Still trying to dig out from under our hiatus backlog, we devote episode 80 to our regulars.  We’ll bring back a guest next week.  This week it’s a double dose of Jason Weinstein, Michael Vatis, Stewart Baker, and Congress-watcher Doug Kantor. Michael offers an analysis of the Second Circuit’s oral argument in the Microsoft lawsuit… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Peter Singer

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

The cyberlaw podcast is back from hiatus with a bang.  Our guest is Peter Singer, author of Ghost Fleet, a Tom Clancy-esque thriller designed to illustrate the author’s policy and military chops.  The book features a military conflict with China that uses all the weapons the United States and China are likely to deploy in… Continue Reading

The GitHub Attack and Internet Self-defense

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

In an earlier post I talked about how the Chinese government has used its “Great Firewall” censorship machinery on an expanded list of targets – from its own citizens to ordinary Americans who happen to visit Internet sites in China.  By intercepting the ad and analytics scripts that Americans downloaded from Chinese sites, the Chinese… Continue Reading

The GitHub Attack, Part 1: Making International Cyber Law the Ugly Way

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Over the past few years, the US government has invested heavily in trying to create international norms for cyberspace. We’ve endlessly cajoled other nations to agree on broad principles about internet freedom and how the law of war applies to cyberconflicts. Progress has been slow, especially with countries that might actually face us in a cyberwar…. Continue Reading

Steptoe Cyberlaw Podcast – Atlantic Council Panel

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Bonus Episode 78:  Dmitri Alperovitch, Harvey Rishikof, Stewart Baker, and Melanie Teplinsky debate whether the United States should start doing commercial espionage I know, I know, we promised that the Cyberlaw Podcast would go on hiatus for the month of August.  But we also hinted that there might be a bonus episode.  And here it… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Bruce Andrews

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

Our guest for episode 77 is Bruce Andrews, the deputy secretary of the Commerce Department. Alan Cohn and I pepper Bruce with questions about export controls on cybersecurity technology, stopping commercial cyberespionage, the future of the NIST cybersecurity framework, and how we can get on future cybersecurity trade missions, among other things. In the news… Continue Reading

Does Your CEO Know What’s Keeping You Up at Night?

Posted in Cybersecurity and Cyberwar, Data Breach

Security Magazine’s Security Talk interviewed us on how we help clients navigate cybersecurity issues.  In the article, “Does Your CEO Know What’s Keeping You Up at Night?,” we discuss how a company’s ability to weather a cyber attack depends in part on the decisions the company makes both before a breach occurs and in the immediate… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Annie Antón and Peter Swire

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Episode 76 of the podcast features the power couple of privacy and cybersecurity, Peter Swire and Annie Antón, both professors at Georgia Institute of Technology.  I question them on topics from the USA FREEDOM Act to the enduring gulf between writing law and writing code. In the news roundup, as our listeners have come to… Continue Reading