Header graphic for print
Steptoe Cyberblog

Category Archives: Security Programs & Policies

Subscribe to Security Programs & Policies RSS Feed

The Cyberlaw Podcast – Interview with Nicholas Schmidle

Posted in Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

Episode 215:  The Zelig of Hacking Back Our interview is with Nick Schmidle, staff writer for the New Yorker. His report on cybersecurity work that goes to the edge of the law and beyond turns up some previously unreported material, including the tale of Shawn Carpenter, a cybersecurity researcher with a talent for showing up… Continue Reading

The Cyberlaw Podcast – Interview with Michael Page

Posted in AI, China, CIFIUS, Security Programs & Policies

Episode 209 It was a cyberlaw-packed week in Washington. Congress jammed the CLOUD Act into the omnibus appropriations bill, and boom, just like that, it’s law. Say good-bye to the Microsoft Ireland case just argued in the Supreme Court. Maury Shenk offers a view of the Act from the United Kingdom, the most likely and maybe the only… Continue Reading

The Cyberlaw Podcast — News Roundup

Posted in Blockchain, Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 205: Scandularity Today’s news roundup begins with Maury Shenk and Brian Egan offering their views about the Supreme Court oral argument in the Microsoft Ireland case. We highlight some of the questions that may tip the Justices’ hand. Brian and I dig into the Dems’ reply memo on the Carter Page FISA application. I’m mostly unshocked… Continue Reading

The Cyberlaw Podcast – Interview with Glenn Gerstell

Posted in Privacy Regulation, Security Programs & Policies

Episode 203: Interview with Glenn Gerstell This episode consists of Jamil Jaffer and I interviewing Glenn Gerstell, the General Counsel of the National Security Agency. Glenn explains what it was like on the inside of the effort to reauthorize section 702 of FISA. Jamil and I ask him whether the FISA court has the authority to deal… Continue Reading

The Cyberlaw Podcast – The News Roundup

Posted in International, Security Programs & Policies

Cyberlaw Podcast alumnus Marten Mickos was called before the Senate Commerce Committee to testify about HackerOne’s bug bounty program. But the unhappy star of the hearings was Uber, which was heavily criticized for having paid out a large bonus under cloudy circumstances. Sen. Blumenthal and others on the Hill treated the payment as more ransom than bounty… Continue Reading

The Cyberlaw Podcast — Interview with Shane Harris

Posted in China, Data Breach, Government Contracts, Security Programs & Policies

Episode 198 — Interview with Shane Harris It turns out that the most interesting policy story about Kaspersky software isn’t why the administration banned its products from government use. It’s why the last administration didn’t.  Shane Harris is our guest for the podcast, delving into the law and politics of the Kaspersky ban.  Along the way,… Continue Reading

The Cyberlaw Podcast — Interview with Elsa Kania

Posted in China, Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

Episode 196: Did AlphaGo launch an arms race with China? In this episode, I interview Elsa Kania, author of a Center for a New American Security report on China’s plan for military uses of artificial intelligence – a plan that seems to have been accelerated by the asymmetric impact of AlphaGo on the other side… Continue Reading

The Cyberlaw Podcast — Interview with Susan Hennessey and Andrew McCarthy

Posted in China, Cybersecurity and Cyberwar, Security Programs & Policies

Interview with Susan Hennessey and Andrew McCarthy Episode 195 features an interview with Susan Hennessey of Lawfare and Andrew McCarthy of the National Review.  They walk us through the “unmasking” of US identities in intelligence reports — one of the most divisive partisan issues likely to come up in the re-enactment of section 702 of… Continue Reading

The Cyberlaw Podcast — Election Cybersecurity Panel with Chris Krebs and Ed Felten

Posted in Security Programs & Policies

191: Election security may be better than you think.  Unless you live in New Jersey. Episode 191 is our long-awaited election security podcast before a live, and lively, audience.  Our panel consists of Chris Krebs, formerly of Microsoft and now the top cybersecurity official at DHS (with the longest title in the federal government as proof),… Continue Reading

The Cyberlaw Podcast – Interview with United States Senator Sheldon Whitehouse

Posted in Cybersecurity and Cyberwar, Security Programs & Policies

Episode 190: Interview with United States Senator Sheldon Whitehouse In our 190th episode Stewart Baker has a chance to interview United States Senator Sheldon Whitehouse (D-RI) has a long history of engagement with technology and security issues.  In this episode, we spend a remarkably detailed half-hour with him, covering the cybersecurity waterfront, from the FBI’s… Continue Reading

The Cyberlaw Podcast – Interview with United States Representative Tom Graves

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

Episode 189: Hack Back in Black: Interviewing United States Representative Tom Graves about the ACDC act. Today’s bonus episode is an interview with Rep. Graves, co-sponsor of the Active Cyber Defense Certainty (ACDC) Act, which allows those whose networks are under persistent attack to leave their network to conduct investigative action. Rep. Graves offers a… Continue Reading

The Cyberlaw Podcast – Interview with Mårten Mickos

Posted in Data Breach, Security Programs & Policies

Episode 185: The Midnight Basketball of Cybersecurity This episode features an interview with Mårten Mickos, the CEO of HackerOne. HackerOne administers bug bounty and vulnerability disclosure programs for a host of private companies as well as DOD’s “Hack the Pentagon” program. He explains how such programs work, how companies and agencies typically get started (with “vulnerability disclosure”… Continue Reading

The Cyberlaw Podcast – The Shane Roundup

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Today’s news roundup features Shane Harris of the Wall Street Journal, Brian Egan, and Alan Cohn discussing stories that Shane wrote last week.  Out of the box, we work through the hall of mirrors that the Kaspersky hacking story has become. The Russian hacking story is biting more companies than just Kaspersky.  Turns out that… Continue Reading

Interview with Jeanette Manfra

Posted in Data Breach, Security Programs & Policies

Episode 179: Interview with Jeanette Manfra Our interview is with Jeanette Manfra, DHS’s Assistant Secretary for Cyber Security and Communications. We cover her agency’s binding directive to other civilian agencies to purge Kaspersky software from their systems, and her advice to victims of the Equifax breach (and to doctors who think that Abbott Labs’ heart implants… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Richard Ledgett

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 173:  Interview with Richard Ledgett Today we deliver the second half of our bifurcated holiday podcast with an interview of Richard Ledgett, recently retired from his tour as NSA’s deputy director. We cover much recent history, from Putin’s election adventurism to questions about whether NSA can keep control of the cyberweapons it develops.  Along the… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Ellen Nakashima

Posted in Data Breach, International, Security Programs & Policies

Episode 171.  Implants in the Kremlin’s Snack Machines? Our guest, Ellen Nakashima, was coauthor of a Washington Post article that truly is a first draft of history, though not a chapter the Obama administration is likely to be proud of.  She and Greg Miller and Adam Entous chronicle the story of Russia’s information operations attack… Continue Reading

Steptoe Cyberlaw Podcast – News Roundup

Posted in Data Breach, International, Security Programs & Policies

Episode 170 This week’s episode is a news roundup without interview.  We lead with the Senate’s overwhelming adoption of unexpectedly tough Russia sanctions along with the Iran sanctions bill.  The mainstream press has emphasized that the bill will lock the Obama sanctions into legislation, but Anthony Rapa explains that the bigger story is just how… Continue Reading

Steptoe Cyberlaw Podcast – Interview with Tim Maurer

Posted in Data Breach, International, Security Programs & Policies

Episode 164: Stewart on the Road to Tarsus Episode 164 features Stewart Baker’s startling change of heart on the question of cyberspace norms. Credit goes to our interview guest, Tim Maurer, Fellow and co-director of the Cyber Policy Initiative at the Carnegie Endowment for International Peace. And perhaps as well to Brian Egan, former Legal… Continue Reading

Steptoe Cyberlaw Podcast — Interview with Susan Munro

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies, Uncategorized

Episode 163 With our sound system back on line, episode 163 is already a big step up from Lost Episode 162.  (Transcripts of 162 are available for those who wish by sending email to CyberlawPodcast@steptoe.com.) Our interview is with Susan Munro, of Steptoe’s Beijing office.  Susan unwinds the complex spool of cyberlaw measures promulgated by… Continue Reading

Steptoe Cyberlaw Podcast — Interview with Michael Schmitt

Posted in Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 162: The Law of Armed Vibrators In this episode, I debate Michael Schmitt, a prime mover in two Talinn Manuals on international law and cyber operations. We are joined by an expert on the topic and a new Steptoe partner, Brian Egan, who was formerly the State Department legal adviser, among other accomplishments.  And… Continue Reading