Header graphic for print
Steptoe Cyberblog

Category Archives: Security Programs & Policies

Subscribe to Security Programs & Policies RSS Feed

Episode 230: Click Here to Kill Everybody

Posted in International, Privacy Regulation, Security Programs & Policies

  We are fully back from our August hiatus, and leading off a series of great interviews, I talk with Bruce Schneier about his new book, Click Here to Kill Everybody: Security and Survival in a Hyper-Connected World. Bruce is an internationally renowned technologist, privacy and security commentator, and someone I respect a lot more… Continue Reading

Bonus: Interview with Bruce Schneier (2015)

Posted in Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

  We’re still on hiatus, but we’re back again this week with another bonus episode. Our next season will feature an interview with Bruce Schneier, cryptography, computer science, and privacy guru, about his latest book, Click Here to Kill Everybody: Security and Survival in a Hyper-connected World. So it only seems appropriate to revisit my… Continue Reading

Episode 228: Best idea yet for derailing the Kavanaugh nomination

Posted in CFIUS, China, Cybersecurity and Cyberwar, European Union, Privacy Regulation, Security Programs & Policies

Our guest for the interview is Noah Phillips, recently appointed FTC Commissioner and former colleague of Stewart Baker at Steptoe. Noah fields questions about the European Union, privacy, and LabMD, about whether Silicon Valley suppression of conservative speech should be a competition law issue, about how foreign governments’ abuse of merger approvals can be disciplined,… Continue Reading

The Cyberlaw Podcast – News Roundup

Posted in China, International, Privacy Regulation, Security Programs & Policies

Episode 218: The Mugshots.com Case: California Crazy Meets European Crazy In this episode, Markham Erickson highlights the Mugshots.com prosecution. The site had a loathsome business model, publishing mugshots for free and charging hundreds of bucks to people who wanted the record of their arrests taken down. Now the owners are being prosecuted in a case… Continue Reading

The Cyberlaw Podcast – Interview with Nicholas Schmidle

Posted in Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

Episode 215:  The Zelig of Hacking Back Our interview is with Nick Schmidle, staff writer for the New Yorker. His report on cybersecurity work that goes to the edge of the law and beyond turns up some previously unreported material, including the tale of Shawn Carpenter, a cybersecurity researcher with a talent for showing up… Continue Reading

The Cyberlaw Podcast – Interview with Michael Page

Posted in AI, CFIUS, China, Security Programs & Policies

Episode 209 It was a cyberlaw-packed week in Washington. Congress jammed the CLOUD Act into the omnibus appropriations bill, and boom, just like that, it’s law. Say good-bye to the Microsoft Ireland case just argued in the Supreme Court. Maury Shenk offers a view of the Act from the United Kingdom, the most likely and maybe the only… Continue Reading

The Cyberlaw Podcast — News Roundup

Posted in Blockchain, Cybersecurity and Cyberwar, International, Security Programs & Policies

Episode 205: Scandularity Today’s news roundup begins with Maury Shenk and Brian Egan offering their views about the Supreme Court oral argument in the Microsoft Ireland case. We highlight some of the questions that may tip the Justices’ hand. Brian and I dig into the Dems’ reply memo on the Carter Page FISA application. I’m mostly unshocked… Continue Reading

The Cyberlaw Podcast – Interview with Glenn Gerstell

Posted in Privacy Regulation, Security Programs & Policies

Episode 203: Interview with Glenn Gerstell This episode consists of Jamil Jaffer and I interviewing Glenn Gerstell, the General Counsel of the National Security Agency. Glenn explains what it was like on the inside of the effort to reauthorize section 702 of FISA. Jamil and I ask him whether the FISA court has the authority to deal… Continue Reading

The Cyberlaw Podcast – The News Roundup

Posted in International, Security Programs & Policies

Cyberlaw Podcast alumnus Marten Mickos was called before the Senate Commerce Committee to testify about HackerOne’s bug bounty program. But the unhappy star of the hearings was Uber, which was heavily criticized for having paid out a large bonus under cloudy circumstances. Sen. Blumenthal and others on the Hill treated the payment as more ransom than bounty… Continue Reading

The Cyberlaw Podcast — Interview with Shane Harris

Posted in China, Data Breach, Government Contracts, Security Programs & Policies

Episode 198 — Interview with Shane Harris It turns out that the most interesting policy story about Kaspersky software isn’t why the administration banned its products from government use. It’s why the last administration didn’t.  Shane Harris is our guest for the podcast, delving into the law and politics of the Kaspersky ban.  Along the way,… Continue Reading

The Cyberlaw Podcast — Interview with Elsa Kania

Posted in China, Cybersecurity and Cyberwar, Privacy Regulation, Security Programs & Policies

Episode 196: Did AlphaGo launch an arms race with China? In this episode, I interview Elsa Kania, author of a Center for a New American Security report on China’s plan for military uses of artificial intelligence – a plan that seems to have been accelerated by the asymmetric impact of AlphaGo on the other side… Continue Reading

The Cyberlaw Podcast — Interview with Susan Hennessey and Andrew McCarthy

Posted in China, Cybersecurity and Cyberwar, Security Programs & Policies

Interview with Susan Hennessey and Andrew McCarthy Episode 195 features an interview with Susan Hennessey of Lawfare and Andrew McCarthy of the National Review.  They walk us through the “unmasking” of US identities in intelligence reports — one of the most divisive partisan issues likely to come up in the re-enactment of section 702 of… Continue Reading

The Cyberlaw Podcast — Election Cybersecurity Panel with Chris Krebs and Ed Felten

Posted in Security Programs & Policies

191: Election security may be better than you think.  Unless you live in New Jersey. Episode 191 is our long-awaited election security podcast before a live, and lively, audience.  Our panel consists of Chris Krebs, formerly of Microsoft and now the top cybersecurity official at DHS (with the longest title in the federal government as proof),… Continue Reading

The Cyberlaw Podcast – Interview with United States Senator Sheldon Whitehouse

Posted in Cybersecurity and Cyberwar, Security Programs & Policies

Episode 190: Interview with United States Senator Sheldon Whitehouse In our 190th episode Stewart Baker has a chance to interview United States Senator Sheldon Whitehouse (D-RI) has a long history of engagement with technology and security issues.  In this episode, we spend a remarkably detailed half-hour with him, covering the cybersecurity waterfront, from the FBI’s… Continue Reading

The Cyberlaw Podcast – Interview with United States Representative Tom Graves

Posted in Cybersecurity and Cyberwar, Data Breach, Privacy Regulation, Security Programs & Policies

Episode 189: Hack Back in Black: Interviewing United States Representative Tom Graves about the ACDC act. Today’s bonus episode is an interview with Rep. Graves, co-sponsor of the Active Cyber Defense Certainty (ACDC) Act, which allows those whose networks are under persistent attack to leave their network to conduct investigative action. Rep. Graves offers a… Continue Reading

The Cyberlaw Podcast – Interview with Mårten Mickos

Posted in Data Breach, Security Programs & Policies

Episode 185: The Midnight Basketball of Cybersecurity This episode features an interview with Mårten Mickos, the CEO of HackerOne. HackerOne administers bug bounty and vulnerability disclosure programs for a host of private companies as well as DOD’s “Hack the Pentagon” program. He explains how such programs work, how companies and agencies typically get started (with “vulnerability disclosure”… Continue Reading

The Cyberlaw Podcast – The Shane Roundup

Posted in Cybersecurity and Cyberwar, International, Privacy Regulation, Security Programs & Policies

Today’s news roundup features Shane Harris of the Wall Street Journal, Brian Egan, and Alan Cohn discussing stories that Shane wrote last week.  Out of the box, we work through the hall of mirrors that the Kaspersky hacking story has become. The Russian hacking story is biting more companies than just Kaspersky.  Turns out that… Continue Reading

Interview with Jeanette Manfra

Posted in Data Breach, Security Programs & Policies

Episode 179: Interview with Jeanette Manfra Our interview is with Jeanette Manfra, DHS’s Assistant Secretary for Cyber Security and Communications. We cover her agency’s binding directive to other civilian agencies to purge Kaspersky software from their systems, and her advice to victims of the Equifax breach (and to doctors who think that Abbott Labs’ heart implants… Continue Reading