The Biden administration’s effort to counter ransomware may not be especially creative, but it is comprehensive. The administration is pushing all the standard buttons on the interagency dashboard, including the usual high-level task force and a $10 million reward program (but not including hackback authority for victims, despite headlines suggesting otherwise. And all the

Ransomware attacks have been soaring in frequency and severity, affecting companies, government agencies, and nonprofits and leading to larger and larger ransom demands as a condition for unlocking the victim’s information systems. On June 30, 2021, the New York State Department of Financial Services (NYDFS) issued guidance on how potential victims can minimize the risk

On July 7, 2021, Gov. Jared Polis signed into law the Colorado Privacy Act (CPA), which will go into effect on July 1, 2023. Like California’s and Virginia’s data privacy laws, the CPA aims to provide consumers with greater control over their data and enhanced transparency with respect to how their data is used. However,

We begin the episode with a review of the massive Kaseya ransomware attack.

Dave Aitel digs into the technical aspects while Paul Rosenzweig and Matthew Heiman explore the policy and political But either way, the news is bad.

Then we come to the Florida ‘deplatforming’ law, which a Clinton appointee dispatched in a cursory

Paul Rosenzweig lays out the much more careful, well-written, and a policy catastrophe in the making. The main problem? It tries to turn one of the most divisive issues in American life into a problem to be solved by technology. Apparently because that has worked so well in areas like content suppression. In fact,

The Biden administration is pissing away one of the United States’ most important counterterrorism intelligence programs. At least that’s my conclusion  from this episode’s depressing review of the administrations halting and delusion-filled approach to the transatlantic data crisis. The EU thinks time is on its side, and it’s ignoring Jamil Jaffer’s heartfelt plea to

President Bill Clinton earned lasting notoriety for his explanation of why his statement denying a relationship with Monica Lewinsky was truthful (“it depends on what the meaning of the word ‘is’ is”). It is doubtful Justice Amy Coney Barrett’s majority opinion for the Supreme Court last week in Van Buren v. U.S. will earn as

On May 12, 2021, President Biden signed a landmark Executive Order to improve and modernize the federal government’s cybersecurity infrastructure. The Executive Order comes in the wake of numerous cyber incidents targeting the United States, including the so-called SolarWinds, Microsoft Exchange, and Colonial Pipeline incidents. The Executive Order will directly affect government contractors, including companies

Brian Egan hosts this episode of the podcast, as Stewart Baker is hiking the wilds of New Hampshire with family. Nick Weaver joins the podcast to discuss the week in ransomware, as DOJ gets serious, and the gangs do too. Justice has a new ransomware task force,  and the gangs have asked  for $50

Our interview is with Kim Zetter, author of the best analysis to date of the weird messaging from NSA and Cyber Command about the domestic “blind spot” or “gap” in their cybersecurity surveillance. I ask Kim whether this is a prelude to new NSA domestic surveillance authorities (definitely not, at least under this