experts and translators of the new domain
Articles by Paul Rosenzweig
Paul Rosenzweig is a prolific author, read a sampling of some of Paul’s most notable publications.
The Lawfare Podcast: Three CISA Senior Advisers on Secure by Design
Secure by Design means different things to different people. As part of Lawfare’s ongoing project to understand what Secure by Design might mean in practice, we are trying to identify the open questions—areas where research or inquiry might help our…
Findings From the White Hat Cyber Forecasting Tournament
A year and a half ago, we announced the White Hat Cyber Forecasting Tournament: a prediction platform for cybersecurity. The tournament was designed as part of a broader project to research alternative methods of gathering information about…
Announcing a New Lawfare Project on “Security by Design”
Technology’s ubiquitous nature and integration into almost every aspect of our daily life make the risks from insecure technology that much more damaging. And yet the hardware and software on which we rely is pervasively insecure. If you want one…
How American companies are fueling China’s AI race
Lenin is quoted as saying, “the capitalists will sell us the rope with which we will hang them.” Wittingly or unwittingly, American tech companies are selling rope to China in the form of an intellectual property transfer, the likes of which has…
Geneva Convention for AI development
The likelihood of a Geneva Convention for AI development is about the same as the chances of a Geneva Convention to set the rules for cybersecurity and cyberconflict … which is to say, precisely zero.
The Jurisdiction of the New Data Protection Review Court
Biden’s recent executive order may transform how privacy complain It seems odd to say, but at least in one sense, Europeans are now more likely to be able to substantively challenge American intelligence community collection practices than Americans…
Importance of Standards to National Security
Standards are many, and they have value. You know that. We’ll talk more about their definition and variety in just a moment, but we begin this discussion in an engineering frame of mind: problem statement first, solution second. The general problem…
The Cyber Liability Fight Begins
Third-party liability for cybersecurity failures just got a lot more real. Third-party liability for cybersecurity failures just got a lot more real. For years, observers of cybersecurity practices have noted a systematic underinvestment in…
Congress needs to act immediately so drone authorities don’t lapse
Many in Congress have ambitious agendas for the current lame duck session — fund the government, raise the debt ceiling, and legislate the right to marry — but one vital step Congress absolutely must take is to protect the public against threats from…
Leveraging Crowd-Forecasting to Improve Our Understanding of Cybersecurity
Can we crowdsource our way toward a better cybersecurity industry? While prediction platforms are growing in popularity, there is not yet one focused on predicting events in cybersecurity. This presentation will explore how crowd-forecasting…