TAP Scholars on Cybersecurity

By TAP Staff Blogger
Last week the House of Representatives passed the controversial Cyber Intelligence Sharing and Protection Act (CISPA) in a 248-168 vote. Since then, various organizations and industries have come to support the bill or stand against the bill.
 
A recent Times article provides a breakdown of Who Supports CISPA and Who Doesn’t. Here is a quick glance:

  • Supporters:
    • Tech companies (IBM, Microsoft, Verizon, AT&T)
    • Financial sector
    • House Republicans
    • U.S. Chamber of Commerce
       
  • Opponents:
    • The White House
    • Reps. Joe Barton (R-TX) and Edward Markey (D-MA)
    • Electronic Frontier Foundation
    • Ron Paul (CISPA is the New SOPAThe Hill)
    • The ACLU

Below are a few TAP scholars with expertise in cybersecurity:
 
Peter Swire – Professor of Law at the Moritz College of Law of the Ohio State University
Professor Swire is recognized internationally as an expert in the fields of privacy, computer security, and the law of cyberspace.
 
In an op-ed piece for The Hill, Professor Swire examines the proposed cybersecurity legislation. In “Moving too fast on cybersecurity,” he stresses, “We should be very cautious about passing cybersecurity legislation this year.”
 
Andrea Matwyshyn – Assistant Professor, Legal Studies and Business Ethics, Wharton School
Professor Matwyshyn researches, teaches, and consults on technology law, commercial privacy, and corporate information security regulation.
 
Feds to Kids: Hacking for Government Agencies Can Be Cool, a NextGov article, reported on the Meet the Feds panel at the first-ever DEF CON Kids hacker conference. Professor Matwyshyn is quoted: “We need to train a new generation of kids to understand how code works and how they can fix it so that they can defend the United States from other people in other countries who may be seeing this [same activity] as a way to gauge warfare against us."
 
In her article, “Material Vulnerabilities: Data Privacy, Corporate Information Security and Securities RegulationProfessor Matwyshyn advocates data breach notification and information sharing across companies as a method for combatting cyber attacks. Pulling from the article’s abstract: “…disclosure of public companies' information security behaviors will assist them in maximizing shareholder value and will assist regulators in finding the inadequately secure points in our economy.”
 
Edward Felten – Chief Technologist with the Federal Trade Commission (FTC) and currently on leave from Princeton University
Professor Felten's research interests include computer security and privacy, and public policy issues relating to information technology. Specific topics include software security, Internet security, cybersecurity policy, technology for government transparency, network neutrality and Internet policy.
 
During the Cybercrime Conference this past October, Ed Felten provided the keynote speech in which he discussed what government can do to assure online security. Managing the agencies’ systems to model the best security practices; build expertise in understanding options in security; and, he suggested it was worth looking at changing the liability rules. In closing, he stressed that the key to success in combatting cybercrime is to share knowledge –across agencies, between government and the private sector, and between companies and industries. “We all need to chip away at it from our perspectives.”
 
Read a complete write-up of Felten’s keynote speech from TAP’s blog, FTC’s Chief Technologist Ed Felten Discusses Government’s Role in Combatting Cybercrime.
 
Helen Nissenbaum – Professor of Media, Culture, and Communication, and of Computer Science, New York University
Her areas of expertise span the social, ethical, and political implications of information technology and digital media.
 
Professor Nissenbaum’s article “Where Computer Security Meets National Security” examines two different definitions of computer security, and their impacts on national security policy choices. The article emphasizes that legislators should resist the urge to incorporate matters of technical computer security into a national security discourse of “cybersecurity;” and, ensure that computer security in general does not unduly compromise our society’s democratic values.
 
Neil Gandal – Professor of Economics in the Department of Public Policy at Tel Aviv University
Professor Gandal’s current research interests include the economics of Internet industries, open source software, and Internet security.
 
Professor Gandal’sAn Introduction to Key Themes in the Economics of Cyber-security” looks at how computer security problems like viruses are solved. The article outlines that one of the interesting economic factors in security are the “network effects.” Professor Gandal explains that a product becomes more valuable to a consumer when there are more users. However, network effects make security problems worse because many people tend to use the same product, and it is vulnerable to the same problems.
 
A suggestion for a little cyber fun: take the Christian Science Monitor’s quiz, How much do you know about cybersecurity?