experts and translators of the new domain
Articles by Paul Rosenzweig
Paul Rosenzweig is a prolific author, read a sampling of some of Paul’s most notable publications.
The Russian Hack of Microsoft: Lessons for Cybersecurity
The rudimentary hack suggests a significant impact from new SEC disclosure rules and continued impunity for foreign hackers. Last Friday after market close, Microsoft submitted an 8-K filing to the U.S. Securities and Exchange Commission (SEC)…
The Lawfare Podcast: Year-End Event, Part Two: A Conversation with the Lawfare Team
It’s part two of our Lawfare year-end event. Yesterday, we brought you the headliner conversation with Adam Kinzinger. Today, it’s three panels of Lawfare insiders talking about the year to come and the year that’s passed. We did a panel on…
The Lawfare Podcast: Three CISA Senior Advisers on Secure by Design
Secure by Design means different things to different people. As part of Lawfare’s ongoing project to understand what Secure by Design might mean in practice, we are trying to identify the open questions—areas where research or inquiry might help our…
Findings From the White Hat Cyber Forecasting Tournament
A year and a half ago, we announced the White Hat Cyber Forecasting Tournament: a prediction platform for cybersecurity. The tournament was designed as part of a broader project to research alternative methods of gathering information about…
Announcing a New Lawfare Project on “Security by Design”
Technology’s ubiquitous nature and integration into almost every aspect of our daily life make the risks from insecure technology that much more damaging. And yet the hardware and software on which we rely is pervasively insecure. If you want one…
How American companies are fueling China’s AI race
Lenin is quoted as saying, “the capitalists will sell us the rope with which we will hang them.” Wittingly or unwittingly, American tech companies are selling rope to China in the form of an intellectual property transfer, the likes of which has…
Geneva Convention for AI development
The likelihood of a Geneva Convention for AI development is about the same as the chances of a Geneva Convention to set the rules for cybersecurity and cyberconflict … which is to say, precisely zero.
The Jurisdiction of the New Data Protection Review Court
Biden’s recent executive order may transform how privacy complain It seems odd to say, but at least in one sense, Europeans are now more likely to be able to substantively challenge American intelligence community collection practices than Americans…
Importance of Standards to National Security
Standards are many, and they have value. You know that. We’ll talk more about their definition and variety in just a moment, but we begin this discussion in an engineering frame of mind: problem statement first, solution second. The general problem…
The Cyber Liability Fight Begins
Third-party liability for cybersecurity failures just got a lot more real. Third-party liability for cybersecurity failures just got a lot more real. For years, observers of cybersecurity practices have noted a systematic underinvestment in…