experts and translators of the new domain
Articles by Paul Rosenzweig
Paul Rosenzweig is a prolific author, read a sampling of some of Paul’s most notable publications.
The Lawfare Podcast: Timothy Edgar and Paul Rosenzweig on the Volt Typhoon Cyber Intrusion
Last May, Microsoft announced that a Chinese state-sponsored hacking group, Volt Typhoon, appeared to be targeting U.S. critical infrastructure and entities abroad in part through establishing a presence in a malware-infected network, or botnet,…
Big Tech’s trouble in China: New ‘work secrets’ law could force tough choices
For years, the national and cyber security communities have warned technology companies like Microsoft, Amazon and Oracle that escalating tensions between the United States and China would ultimately make them choose between one of their largest…
Volt Typhoon and the Disruption of the U.S. Cyber Strategy
The recent Chinese cyberintrusion highlights the need for a reexamination of U.S. cybersecurity strategy. The Volt Typhoon cyber intrusion into U.S. critical infrastructure is troubling on many levels. The most significant, however, is the way in…
The Russian Hack of Microsoft: Lessons for Cybersecurity
The rudimentary hack suggests a significant impact from new SEC disclosure rules and continued impunity for foreign hackers. Last Friday after market close, Microsoft submitted an 8-K filing to the U.S. Securities and Exchange Commission (SEC)…
The Lawfare Podcast: Year-End Event, Part Two: A Conversation with the Lawfare Team
It’s part two of our Lawfare year-end event. Yesterday, we brought you the headliner conversation with Adam Kinzinger. Today, it’s three panels of Lawfare insiders talking about the year to come and the year that’s passed. We did a panel on…
The Lawfare Podcast: Three CISA Senior Advisers on Secure by Design
Secure by Design means different things to different people. As part of Lawfare’s ongoing project to understand what Secure by Design might mean in practice, we are trying to identify the open questions—areas where research or inquiry might help our…
Findings From the White Hat Cyber Forecasting Tournament
A year and a half ago, we announced the White Hat Cyber Forecasting Tournament: a prediction platform for cybersecurity. The tournament was designed as part of a broader project to research alternative methods of gathering information about…
Announcing a New Lawfare Project on “Security by Design”
Technology’s ubiquitous nature and integration into almost every aspect of our daily life make the risks from insecure technology that much more damaging. And yet the hardware and software on which we rely is pervasively insecure. If you want one…
Geneva Convention for AI development
The likelihood of a Geneva Convention for AI development is about the same as the chances of a Geneva Convention to set the rules for cybersecurity and cyberconflict … which is to say, precisely zero.
Importance of Standards to National Security
Standards are many, and they have value. You know that. We’ll talk more about their definition and variety in just a moment, but we begin this discussion in an engineering frame of mind: problem statement first, solution second. The general problem…