Header graphic for print
Steptoe Cyberblog

Tag Archives: hacking

Steptoe Cyberlaw Podcast — Interview with John “Four” Flynn, Heather Adkins, and Troels Oerting

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

In this episode, Stewart Baker goes to RSA and interviews the people that everyone at RSA is hoping to sell to – CISOs. In particular, John “Four” Flynn of Uber, Heather Adkins of Google, and Troels Oerting of Barclays Bank. We ask them what trends at RSA give them hope for the future, which make… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Dominic Rochon and Patricia Kosseim

Posted in Cybersecurity and Cyberwar, Data Breach, International

Our interview features a classic “please don’t read this” headline: “Worthwhile Canadian Initiatives.”  We explore multiple worthwhile Canadian initiatives with Dominic Rochon, deputy chief of policy and communications for CSE, Canada’s version of the NSA and with Patricia Kosseim, general counsel and director general for policy at the Office of Canada’s Privacy Commissioner.  Among other… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Uncategorized

Posse Comitatus: Latin for “Get off my turf”? Would it violate the Posse Comitatus Act to give DOD a bigger role in cybersecurity?  Michael Vatis and I call BS on the idea, which I ascribe to Trump Derangement Syndrome and Michael more charitably ascribes to a DOD-DHS turf fight. Should the FDA allow implants of… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Davis Hake and Nico Sell

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 145:  What Donald Trump and “Occupy Wall Street” have in common We interview two contributors to CSIS’s Cybersecurity Agenda for the 45th President.  Considering the track record of the last three Presidents, it’s hard to be optimistic, but Davis Hake and Nico Sell offer a timely look at some of the most pressing policy… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Matthew Green

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Vlad’s Botox Fresh off a redeye from Israel, I interview Matthew Green of the Johns Hopkins Information Security Institute.  Security news from the internet of things grows ever grimmer, we agree, but I get off the bus when Matt and the EFF try to solve the problem with free speech law. In the news roundup,… Continue Reading

Steptoe Cyberlaw Podcast – Interview with John Markoff

Posted in Cybersecurity and Cyberwar, Data Breach

The Autonomous Weapon Who Went to the Beach Episode 140 features long-time New York Times reporter, John Markoff, on the past and future of artificial intelligence and its ideological converse – the effort to make machines that augment rather than replace human beings.  Our conversation covers everything from robots, autonomous weapons, and Siri to hippie… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Paul Rosenzweig and Shane Harris

Posted in China, Cybersecurity and Cyberwar, Data Breach, Privacy Regulation

We couldn’t resist.  This week’s topic is of course President-elect Trump and what his election could mean for All Things Cyber.  It features noted cybercommentator Paul Rosenzweig and Daily Beast reporter Shane Harris.  In the news, we’re reminded of the old Wall Street saying that bulls and bears can both make money in the market… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Frank Cilluffo

Posted in Cybersecurity and Cyberwar, Data Breach

The episode features a vigorous and friendly debate between me and Frank Cilluffo over his Center’s report on active defense, titled “Into the Gray Zone.”  It’s a long and detailed analysis by the Center for Homeland and Cyber Security at GW University.  My fear: the report creates gray zones for computer defense that should not… Continue Reading

Steptoe Cyberlaw Podcast – Interview with John Carlin

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

John Carlin leaves Justice:  We give him the good news and the bad news. Episode 134 features John Carlin’s swan song as assistant attorney general for national security.  We review the highs and lows of his tenure from a cybersecurity point of view and then look to the future, including how the US should respond… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Matt Cutts and Lisa Wiswell

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

A record-setting insecurity week. Our interview in episode 131 is with Matt Cutts and Lisa Wiswell from the Pentagon’s Defense Digital Service.  Matt joined the Digital Service from Google where he authored their SafeSearch content filter.  Lisa is a bureaucracy hacker with the Defense Digital Service and previously spent years working on cyber-warfare in DOD’s… Continue Reading

Steptoe Cyberlaw Podcast – News Round-up with Phil West

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

Ironman meets the Antideficiency Act In episode 129, Alan Cohn and I dive deep on the Government Oversight committee’s predictably depressing and unpredictably entertaining report on the OPM hack. Cheeky Chinese hackers register their control sites to superhero alter egos.  And poor, patriotic Cytech finds an intruder during a sales demo, rushes to provide support… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Scott DePasquale

Posted in Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

The podcast is back with a bang from hiatus. Our guest, Scott DePasquale, is the CEO of Utilidata, an electric utility IoT and cybersecurity company. Scott talks about his contribution to the Internet Security Alliance’s upcoming book, The Cyber Security Social Contract. Episode 128 also brings you a news roundup from the most momentous August… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ed Hammersla and Brian White

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Episode 126 – The podcast goes to the conventions If Vladimir Putin can do it, so can we. This week the podcast dives deep into the US presidential campaign. I of course talk with Maury Shenk about evidence that the Russians are behind “Guccifer 2.0” and the DNC data leak – aided by a Wikileaks… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Gen. Michael Hayden

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Want to see cyber attribution and deterrence in action? In August, a hacker pulled the names of US military personnel and others out of a corporate network and passed them to ISIL. British jihadist Junaid Hussain exulted when ISIL released the names. “They have us on their ‘hit list,’ and we have them on ours… Continue Reading

The GitHub Attack, Part 1: Making International Cyber Law the Ugly Way

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Over the past few years, the US government has invested heavily in trying to create international norms for cyberspace. We’ve endlessly cajoled other nations to agree on broad principles about internet freedom and how the law of war applies to cyberconflicts. Progress has been slow, especially with countries that might actually face us in a cyberwar…. Continue Reading

Steptoe Cyberlaw Podcast – Atlantic Council Panel

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Bonus Episode 78:  Dmitri Alperovitch, Harvey Rishikof, Stewart Baker, and Melanie Teplinsky debate whether the United States should start doing commercial espionage I know, I know, we promised that the Cyberlaw Podcast would go on hiatus for the month of August.  But we also hinted that there might be a bonus episode.  And here it… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Bruce Andrews

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

Our guest for episode 77 is Bruce Andrews, the deputy secretary of the Commerce Department. Alan Cohn and I pepper Bruce with questions about export controls on cybersecurity technology, stopping commercial cyberespionage, the future of the NIST cybersecurity framework, and how we can get on future cybersecurity trade missions, among other things. In the news… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Michael Casey

Posted in Blockchain, Cybersecurity and Cyberwar, International, Privacy Regulation

Hip Hop Summit at Graceland: Michael Casey and Digital Money Bitcoin and the blockchain – how do they work and what do they mean for financial and government services and for consumers? And who holds massive stores of bitcoin that can’t be spent without solving one of the great financial mysteries of our time?  Our… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Julian Sanchez

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Our guests for Episode 68 include Julian Sanchez, senior fellow at the CATO Institute where he studies issues at the busy intersection of technology, privacy, and civil liberties, with a particular focus on national security and intelligence surveillance. They also include the entire May meeting of ISSA- NOVA, which kindly invited the Cyberlaw Podcast to… Continue Reading

Treasury Sanctions on Cyber Attackers

Posted in Cybersecurity and Cyberwar, Data Breach, Security Programs & Policies

The executive order allowing the President to impose OFAC sanctions on hackers is good news.  I’ve been calling on the government for several years to go beyond attribution to retribution.  See, for example this post from 2012, this Foreign Policy article, and this recent podcast with Juan Zarate.  Similar sentiments were expressed in a 2013 report… Continue Reading

A Week of Bad News and Good News in Cybersecurity – Here’s What You Need to Know

Posted in Cybersecurity and Cyberwar, Data Breach, Security Programs & Policies

It was a busy week for companies and government agencies struggling to combat the growing threat of cyber-attacks, with some bad news and some good news.  Here’s what you need to know, and how we can help. What you Need to know First, the bad news: Lawsuits against Target move forward and lawsuits against Home… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Richard Danzig

Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & Policies

Wow, that was quick. I haven’t even turned on the air conditioning at home yet, and already we’ve done the last podcast of the summer.  The Steptoe Cyberlaw Podcast will go on hiatus for August and return after Labor Day! This week in NSA: The Senate Judiciary Committee, the most anti-NSA of the Senate committees… Continue Reading

9/11 Commission Gingerly Embraces “Direct Action” Against Hackers

Posted in Cybersecurity and Cyberwar, Security Programs & Policies

I’ve long been an advocate for fewer restraints on how the private sector responds to hacking attacks.  If the government can’t stop and can’t punish such attacks, in my view the least it could do is not threaten the victims with felony prosecution for taking reasonable measures in self-defense.  I debated the topic with co-blogger… Continue Reading