experts and translators of the new domain
Articles by Paul Rosenzweig
Paul Rosenzweig is a prolific author, read a sampling of some of Paul’s most notable publications.
Melissa Hathaway on The Future of Cybersecurity
Melissa Hathaway was a senior cybersecurity adviser to President George W. Bush and led President Barack Obama’s cyberspace policy review. She always has something intersting to say. For a slow Sunday as await the start of a busy week, here is a…
Unpacking Uranium One: Hype and Law
The latest instance of “what-aboutism” is the House Republican decision to open an investigation of the Uranium One transaction—the allegation that Hillary Clinton transferred control of 20% of America’s uranium mining output to a Russian company, in…
Protecting Electoral Infrastructure–Klobuchar/Graham and the NDAA
Our electoral infrastructure consists of two distinct pieces (or so it seems to me): a broader public context in which elections occur and a narrower system of election management. To date, almost everything we know about Russian electoral…
The Tell-Tale Heart
The Internet of Things is a marvel. Cars, medical devices, homes, refrigerators—all of them now come with silicon chips and data collection, analysis and sharing capabilities. For the most part the enhancements in efficiency, connectivity and…
NIST Is a Standard-Setting Agency, Not a Regulator
Key Takeaways Congressional House Republicans have introduced a proposal to make NIST responsible for cybersecurity audits across the government. The idea is flawed in many respects—most especially because asking NIST to do an audit is asking them to…
Cyber Cooperation with Bad Actors is Always a Bad Idea
President Trump’s trip to Europe was not a complete failure — his speech in Poland struck me as reasonable and Presidential. But his meeting with Russian President Vladimir Putin and their discussion on cybersecurity was not a shining moment.…
Active Cyber Defense a/k/a Hackback
I am a bit of an outlier in the cybersecurity community since I think that there are circumstances in which private actors ought to be allowed to more aggressively respond to intrusions on their systems (though I don’t go “full postal” on the issue).…
Next Steps for U.S. Cybersecurity in the Trump Administration: Active Cyber Defense
The failure of the government to provide adequate protection has led many cybersecurity analysts, scholars, and policymakers to suggest that there is a need for private-sector self-help. If the government is unable or unwilling to take or threaten…
Revised Draft Trump EO on Cybersecurity: May 2017 Version
Rumors had it that the Cybersecurity EO was contingent on resolving how to deal with IT technology development and innovation. Now that the innovation Executive Order is public, a revised Cyber EO is circulating. Here is the copy I received: Rumors…
Trump–Modi Agenda for Next Steps in U.S.–India Cybersecurity Cooperation
Malicious cyber activity from other states and non-state actors shows no sign of abating anytime soon. Both the U.S. and India have been working on behavioral norms in cyber space—an effort that should be sustained. Bad actors, however, do not…