My article Cybersecurity, Encryption, and Corporate Social Responsibility has been published in the current edition of the Georgetown Journal of International Affairs. I argue in this paper that “[c]ompanies such as Apple should recognize that they have a social responsibility to work with governments on security issues, and such a corporate social responsibility norm should […]
There’s a good post on Dark Reading by Ido Safruti about norms and etiquette for bot code. According to Imperva’s most recent bot traffic report, bots comprise the majority of Internet traffic. Many bots are intentionally disruptive or misleading — for example, bots that create comment link spam on blogs. Others are useful — for example, […]
Here is a tabletop exercise I drafted that we’ll be running at the Second Annual NJSBA Cybersecurity Conference. Acme Corp. manufactures and sells industrial control systems (ICS). ICS devices integrate computer chips, hardware and software and can be programmed to monitor, regulate and control various components of commercial manufacturing, assembly and packaging plants. For example, […]
The WannaCry Ransomware attack has spread throughout the world over the past week. Fingers are pointing at Microsoft for the vulnerability in earlier versions of Windows, at the NSA for creating the leaked exploit, and at North Korea for allegedly perpetrating the attack. There is blame to go around, but if we were to assess […]
Here are the slides for my presentation on cybersecurity and the economic loss doctrine at the NJICLE 2016 Cybersecurity Conference.
Here are the slides for my presentation on law firms and cybersecurity at the NJICLE 2016 Cybersecurity Conference.
The FTC’s enforcement action against LabMD has been stayed in an unusual grant of emergent relief by the Eleventh Circuit. The FTC’s Opinion in LabMD essentially established a negligence balancing test for cybersecurity compliance. A negligence balancing test requires a rough evaluation of the burden of avoiding a risk (B) compared to the probability of […]
“Ransomware” is malicious software that enables attackers to hold computer data or a computer network hostage until a ransom is paid. Ransomware often encrypts all the files on a system, making them unusable until the attacker supplies an encryption key. An FBI Alert issued last week stated that ransomware infections are at an “all-time high.” […]
Here is a nifty graphic from the McAfee Labs 2016 Threat Predictions Report.