experts and translators of the new domain
Articles by Paul Rosenzweig
Paul Rosenzweig is a prolific author, read a sampling of some of Paul’s most notable publications.
FTC Must Disclose Its Cybersecurity Standard
Those who have been following the debate know that the FTC recently won a pretty significant victory in its effort to enforce cybersecurity standards for organizations that hold consumer data. A district court held that inadequate cybersecurity could…
The President’s Big Data Report — Some Hat; Some Cattle
The Administration has released its long-awaited, review of Big Data — a report from the Executive Office of the President on the phenomenon of large-scale data collection and analysis. The review was accompanied by a blog post (apparently, this is…
And the Cobbler’s Children Have No Shoes ….
For quite some time, it has been apparent that the announcement of the NIST Cybersecurity Framework would be a seminal event. Though couched as a voluntary program, many expected that the Framework would become the de facto ground for liability.…
Wynhdam v. FTC Decided
As Wells reported Monday, the Third Circuit has issued its decision in Federal Trade Commission v. Wyndham Worldwide Corp. Readers may recall the background of the case. Wyndham was hacked by a Russian criminal gang who stole a host of personally…
Cybersecurity Information Sharing: One Step Toward U.S. Security, Prosperity, and Freedom in Cyberspace
The Internet is a powerful engine for growth and freedom, of which the United States has taken and continues to take full advantage. As everything from military systems to smartphones has become linked to the Internet, however, the number of bad…
The Continuing Low-Grade Cyber Conflict Between Ukraine and Russia
The Russia-Ukraine conflict is quickly becoming a textbook example of low-grade cyber tactics that will likely occur in almost all future conflicts. It has yet to, thankfully, graduate to a full-scale cyber assault, but we are seeing a number of…
RSA and the MPD
I was in Starbucks the other day and the man behind me was a DC Metropolitan Police Officer. As we waited, he and I had a pleasant conversation (I learned, for example, that he likes two pumps of creme brulee in his coffee). One thing, however,…
NIST Cybersecurity Framework Issued
The NIST Cybersecurity Framework has been released. It is accompanied by a Roadmap which is intended to be a work plan for future efforts on issues (like authentication) that require further study and work. At first glance the Roadmap looks quite…
How Likely Is A Successful Attack On The Electric Grid?
If you ask many of the folks on the front line of cybersecurity for our critical infrastructure they will tell you that a large-scale attack is very unlikely to succeed. They will all acknowledge, as they must, that legacy control systems are…
CrowdStrike Global Threats Report 2013
CrowdStrike, a US-based cybersecurity company, has just released its annual Global Threat Report 2013. For those who follow the area, the report reflects some interesting (and disturbing) trends in malicious activity. Most notable:The increased use…