Open Access. Powered by Scholars. Published by Universities.®
- Institution
-
- University of South Florida (5)
- Maurer School of Law: Indiana University (3)
- Pace University (2)
- University of Maryland Francis King Carey School of Law (2)
- Vanderbilt University Law School (2)
-
- American University Washington College of Law (1)
- Cornell University Law School (1)
- Duquesne University (1)
- Georgia State University College of Law (1)
- Journal of Police and Legal Sciences (1)
- Kennesaw State University (1)
- Loyola Marymount University and Loyola Law School (1)
- Mitchell Hamline School of Law (1)
- Penn State Dickinson Law (1)
- SJ Quinney College of Law, University of Utah (1)
- Seattle University School of Law (1)
- St. Mary's University (1)
- The Catholic University of America, Columbus School of Law (1)
- Touro University Jacob D. Fuchsberg Law Center (1)
- University of Georgia School of Law (1)
- University of Michigan Law School (1)
- University of Richmond (1)
- Publication Year
- Publication
-
- Military Cyber Affairs (5)
- Indiana Law Journal (2)
- American University International Law Review (1)
- Catholic University Journal of Law and Technology (1)
- Cornell International Law Journal (1)
-
- Cybaris® (1)
- Dickinson Law Review (2017-Present) (1)
- Duquesne Law Review (1)
- Georgia Journal of International & Comparative Law (1)
- Georgia State University Law Review (1)
- Indiana Journal of Global Legal Studies (1)
- Journal of Business & Technology Law (1)
- Journal of Cybersecurity Education, Research and Practice (1)
- Journal of Police and Legal Sciences (1)
- Loyola of Los Angeles Law Review (1)
- Maryland Carey Law (1)
- Pace Intellectual Property, Sports & Entertainment Law Forum (1)
- Pace Law Review (1)
- Seattle University Law Review (1)
- The Scholar: St. Mary's Law Review on Race and Social Justice (1)
- Touro Law Review (1)
- University of Michigan Journal of Law Reform (1)
- University of Richmond Law Review (1)
- Utah Law Review (1)
- Vanderbilt Journal of Entertainment & Technology Law (1)
- Vanderbilt Journal of Transnational Law (1)
Articles 1 - 30 of 31
Full-Text Articles in Law
Improving Ethics Surrounding Collegiate-Level Hacking Education: Recommended Implementation Plan & Affiliation With Peer-Led Initiatives, Shannon Morgan, Dr. Sanjay Goel
Improving Ethics Surrounding Collegiate-Level Hacking Education: Recommended Implementation Plan & Affiliation With Peer-Led Initiatives, Shannon Morgan, Dr. Sanjay Goel
Military Cyber Affairs
Cybersecurity has become a pertinent concern, as novel technological innovations create opportunities for threat actors to exfiltrate sensitive data. To meet the demand for professionals in the workforce, universities have ramped up their academic offerings to provide a broad range of cyber-related programs (e.g., cybersecurity, informatics, information technology, digital forensics, computer science, & engineering). As the tactics, techniques, and procedures (TTPs) of hackers evolve, the knowledge and skillset required to be an effective cybersecurity professional have escalated accordingly. Therefore, it is critical to train cyber students both technically and theoretically to actively combat cyber criminals and protect the confidentiality, integrity, …
Securing The Void: Assessing The Dynamic Threat Landscape Of Space, Brianna Bace, Dr. Unal Tatar
Securing The Void: Assessing The Dynamic Threat Landscape Of Space, Brianna Bace, Dr. Unal Tatar
Military Cyber Affairs
Outer space is a strategic and multifaceted domain that is a crossroads for political, military, and economic interests. From a defense perspective, the U.S. military and intelligence community rely heavily on satellite networks to meet national security objectives and execute military operations and intelligence gathering. This paper examines the evolving threat landscape of the space sector, encompassing natural and man-made perils, emphasizing the rise of cyber threats and the complexity introduced by dual-use technology and commercialization. It also explores the implications for security and resilience, advocating for collaborative efforts among international organizations, governments, and industry to safeguard the space sector.
Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim
Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim
Journal of Cybersecurity Education, Research and Practice
This paper reviews cybersecurity laws and regulations in Cameroon, focusing on cybersecurity and information security audits and risk assessments. The importance of cybersecurity risk assessment and the implementation of security controls to cure deficiencies noted during risk assessments or audits is a critical step in developing cybersecurity resilience. Cameroon's cybersecurity legal framework provides for audits but does not explicitly enumerate controls. Consequently, integrating relevant controls from the NIST frameworks and ISO Standards can improve the cybersecurity posture in Cameroon while waiting for a comprehensive revision of the legal framework. NIST and ISO are internationally recognized as best practices in information …
Security-Enhanced Serial Communications, John White, Alexander Beall, Joseph Maurio, Dane Fichter, Dr. Matthew Davis, Dr. Zachary Birnbaum
Security-Enhanced Serial Communications, John White, Alexander Beall, Joseph Maurio, Dane Fichter, Dr. Matthew Davis, Dr. Zachary Birnbaum
Military Cyber Affairs
Industrial Control Systems (ICS) are widely used by critical infrastructure and are ubiquitous in numerous industries including telecommunications, petrochemical, and manufacturing. ICS are at a high risk of cyber attack given their internet accessibility, inherent lack of security, deployment timelines, and criticality. A unique challenge in ICS security is the prevalence of serial communication buses and other non-TCP/IP communications protocols. The communication protocols used within serial buses often lack authentication and integrity protections, leaving them vulnerable to spoofing and replay attacks. The bandwidth constraints and prevalence of legacy hardware in these systems prevent the use of modern message authentication and …
What Senior U.S. Leaders Say We Should Know About Cyber, Dr. Joseph H. Schafer
What Senior U.S. Leaders Say We Should Know About Cyber, Dr. Joseph H. Schafer
Military Cyber Affairs
On April 6, 2023, the Atlantic Council’s Cyber Statecraft Initiative hosted a panel discussion on the new National Cybersecurity Strategy. The panel featured four senior officials from the Office of the National Cyber Director (ONCD), the Department of State (DoS), the Department of Justice (DoJ), and the Department of Homeland Security (DHS). The author attended and asked each official to identify the most important elements that policymakers and strategists must understand about cyber. This article highlights historical and recent struggles to express cyber policy, the responses from these officials, and the author’s ongoing research to improve national security cyber policy.
The Security And Cyber Defence Realities And Difficulties In Algeria, Kada Aicha
The Security And Cyber Defence Realities And Difficulties In Algeria, Kada Aicha
Journal of Police and Legal Sciences
This research paper aims to shed light on the digital challenge faced by Algeria as it enters the world of the knowledge society, which qualifies it to achieve cybersecurity and cyber defense against various forms and types of security threats, including cyber threats. The researcher used an analytical approach to understand the phenomenon under study and trace its causes, in addition to a case study method to study all aspects of the studied phenomenon and identify the characteristics of the case study - Algeria was chosen as the analysis unit. The study concluded several important results, including:
The deficiency of …
Ransomware Groups On Notice: U.S. Cyber Operation Against Revil Is Permissible Under International Law, Justin Singh
Ransomware Groups On Notice: U.S. Cyber Operation Against Revil Is Permissible Under International Law, Justin Singh
American University International Law Review
The continued increase in the use of ransomware by cyber criminals has had a costly impact on businesses and organizations around the world. Ransomware groups continue to initiate attacks on businesses and organizations, and states have become increasingly concerned over the potential impact it may have on their critical infrastructure and economies. The United States’ recent acknowledgement of cyber operations against ransomware groups highlights the seriousness of the issue and exposes areas of international law that are complicated when applied to cyber operations against these groups. This Comment explores the relevant international law as it applies to the United States …
Strengthening Our Intuitions About Hacking, Jeffrey L. Vagle
Strengthening Our Intuitions About Hacking, Jeffrey L. Vagle
Indiana Law Journal
The computer trespass analogy has served us reasonably well as a basis for cybersecurity policies and related anti-hacking laws, but computers, and our uses of them, have changed significantly in ways that stretch the computer trespass metaphor beyond usefulness. This Essay proposes an approach to expanding and strengthening our intuitions about computer security that accounts for new computing paradigms, giving courts and lawmakers additional tools for interpreting and drafting effective anti-hacking laws.
This Essay argues that many new and existing computer use scenarios leave courts unsure how existing anti-hacking laws might apply, increasing the possibility of under- or over-inclusive policies …
The Law And Politics Of Ransomware, Asaf Lubin
The Law And Politics Of Ransomware, Asaf Lubin
Vanderbilt Journal of Transnational Law
What do Lady Gaga, the Royal Zoological Society of Scotland, the city of Valdez in Alaska, and the court system of the Brazilian state of Rio Grande do Sul all have in common? They have all been victims of ransomware attacks, which are growing both in number and severity. In 2016, hackers perpetrated roughly four thousand ransomware attacks a day worldwide, a figure which was already alarming. By 2020, however, ransomware attacks reached a staggering number, between twenty thousand and thirty thousand per day in the United States alone. That is a ransomware attack every eleven seconds, each of which …
Small Business Cybersecurity: A Loophole To Consumer Data, Matthew R. Espinosa
Small Business Cybersecurity: A Loophole To Consumer Data, Matthew R. Espinosa
The Scholar: St. Mary's Law Review on Race and Social Justice
Small businesses and small minority owned businesses are vital to our nation’s economy; therefore legislation, regulation, and policy has been created in order to assist them in overcoming their economic stability issues and ensure they continue to serve the communities that rely on them. However, there is not a focus on regulating nor assisting small businesses to ensure their cybersecurity standards are up to par despite them increasingly becoming a victim of cyberattacks that yield high consequences. The external oversight and assistance is necessary for small businesses due to their lack of knowledge in implementing effective cybersecurity policies, the fiscal …
Defensive Industrial Policy: Cybersecurity Interventions To Reduce Intellectual Property Theft, Dr. Chad Dacus, Dr. Carl (Cj) Horn
Defensive Industrial Policy: Cybersecurity Interventions To Reduce Intellectual Property Theft, Dr. Chad Dacus, Dr. Carl (Cj) Horn
Military Cyber Affairs
Through cyber-enabled industrial espionage, China has appropriated what Keith Alexander, the former Director of the National Security Agency, dubbed “the largest transfer of wealth in history.” Although China disavows intellectual property (IP) theft by its citizens and has set self-sustained research and development as an important goal, it is unrealistic to believe IP theft will slow down meaningfully without changing China’s decision calculus. China and the United States have twice agreed, in principle, to respect one another’s IP rights. However, these agreements have lacked any real enforcement mechanism, so the United States must do more to ensure its IP is …
Book Review: This Is How They Tell Me The World Ends: The Cyberweapons Arms Race (2020) By Nicole Perlroth, Amy C. Gaudion
Book Review: This Is How They Tell Me The World Ends: The Cyberweapons Arms Race (2020) By Nicole Perlroth, Amy C. Gaudion
Dickinson Law Review (2017-Present)
No abstract provided.
What's The Harm? Federalism, The Separation Of Powers, And Standing In Data Breach Litigation, Grayson Wells
What's The Harm? Federalism, The Separation Of Powers, And Standing In Data Breach Litigation, Grayson Wells
Indiana Law Journal
This Comment will argue that the Supreme Court should analyze standing in data breach litigation under a standard that is deferential to state statutory and common law. Specifically, federal standing analysis should look to state law when determining whether an injury is concrete such that the injury-in-fact requirement is met. Some argue that allowing more data breach cases to proceed to the merits could lead to an explosion of successful litigation and settlements, burdening the federal courts and causing economic losses for the breached businesses. These concerns may be valid. But if state law provides a remedy to the harm …
The Evolution Of Legal Risks Pertaining To Patch Management And Vulnerability Management, James T. Kitchen, David R. Coogan, Keeton H. Christian
The Evolution Of Legal Risks Pertaining To Patch Management And Vulnerability Management, James T. Kitchen, David R. Coogan, Keeton H. Christian
Duquesne Law Review
This article begins with an overview, in non-technical terms, of the tools generally available and processes implemented for vulnerability management and patch management. Section II identifies some of the evolving security standards that regulators and plaintiffs may rely on to show that companies are legally required to have vulnerability management and patch management. Section III identifies U.S. legal implications of vulnerability management and patch management and factors that a court and regulators may consider.
Show Me The (Data About The) Money!, Nizan Geslevich Packin
Show Me The (Data About The) Money!, Nizan Geslevich Packin
Utah Law Review
Information about consumers, their money, and what they do with it is the lifeblood of the flourishing financial technology (“FinTech”) sector. Historically, highly regulated banks jealously protected this data. However, consumers themselves now share their data with businesses more than ever before. These businesses monetize and use the data for countless prospects, often without the consumers’ actual consent. Understanding the dimensions of this recent phenomenon, more and more consumer groups, scholars, and lawmakers have started advocating for consumers to have the ability to control their data as a modern imperative. This ability is tightly linked to the concept of open …
Trimming The Fat: The Gdpr As A Model For Cleaning Up Our Data Usage, Kassandra Polanco
Trimming The Fat: The Gdpr As A Model For Cleaning Up Our Data Usage, Kassandra Polanco
Touro Law Review
No abstract provided.
The Survival Of Critical Infrastructure: How Do We Stop Ransomware Attacks On Hospitals?, Helena Roland
The Survival Of Critical Infrastructure: How Do We Stop Ransomware Attacks On Hospitals?, Helena Roland
Catholic University Journal of Law and Technology
Our nation’s infrastructure is under an emerging new threat: ransomware attacks. These attacks can cause anything from individual laptops, to entire cities to shut down for a period of time until the victim pays a ransom to the attacker. Unfortunately, these attacks are on the rise and the attackers have a new target: hospitals. Ransomware attacks on hospitals can temporarily shut down operating room technology and limit physician access to patient files, ultimately threatening the safety of hospital patients and the surrounding community. This paper examines how the threat of ransomware attacks on hospitals is on the rise and what …
Cybersecurity Oversight Liability, Benjamin P. Edwards
Cybersecurity Oversight Liability, Benjamin P. Edwards
Georgia State University Law Review
A changing cybersecurity environment now poses a significant corporate-governance challenge. Although some cybersecurity data breaches may be inevitable, courts now increasingly consider when a corporation’s officers and directors may be held liable on theories that they acted in bad faith and failed to adequately oversee the corporation’s affairs. This short essay reviews recent derivative decisions and encourages corporate boards to recognize that in an environment filled with increasing threats, a reasonable response will require devoting real resources and attention to cybersecurity issues.
Creating A National Data Privacy Law For The United States, Shaun G. Jamison
Creating A National Data Privacy Law For The United States, Shaun G. Jamison
Cybaris®
No abstract provided.
Cybersecurity And The Rights Of The Internet User In France, Jennifer Cross
Cybersecurity And The Rights Of The Internet User In France, Jennifer Cross
Georgia Journal of International & Comparative Law
No abstract provided.
“Private” Cybersecurity Standards? Cyberspace Governance, Multistakeholderism, And The (Ir)Relevance Of The Tbt Regime, Shin-Yi Peng
“Private” Cybersecurity Standards? Cyberspace Governance, Multistakeholderism, And The (Ir)Relevance Of The Tbt Regime, Shin-Yi Peng
Cornell International Law Journal
We are now living in a hyper-connected world, with a myriad of devices continuously linked to the Internet. Our growing dependence on such devices exposes us to a variety of cybersecurity threats. This ever-increasing connectivity means that vulnerabilities can be introduced at any phase of the software development cycle. Cybersecurity risk management, therefore, is more important than ever to governments at all developmental stages as well as to companies of all sizes and across all sectors. The awareness of cybersecurity threats affects the importance placed on the use of standards and certification as an approach.
Corporate Cybersecurity: The International Threat To Private Networks And How Regulations Can Mitigate It, Eric J. Hyla
Corporate Cybersecurity: The International Threat To Private Networks And How Regulations Can Mitigate It, Eric J. Hyla
Vanderbilt Journal of Entertainment & Technology Law
Cyberattacks are occurring at an accelerating pace. Foreign nations are increasingly utilizing hacking as a tool for economic gain, acts of aggression, or international political expression. At risk are US consumers'personal data, private firms' bottom line, and the economies'integrity. In response, federal and state lawmakers have issued a series of disparate, uncoordinated policies seeking to strengthen cybersecurity practices. However, recent events indicate that these policies are less than ideal. This Note suggests that a unified response to cybersecurity is required and calls for the establishment of a single, central federal agency with authority over all cybersecurity regulations. Such an agency …
Global Cybersecurity, Surveillance, And Privacy: The Obama Administration's Conflicted Legacy, Peter Margulies
Global Cybersecurity, Surveillance, And Privacy: The Obama Administration's Conflicted Legacy, Peter Margulies
Indiana Journal of Global Legal Studies
To analyze the Obama administration's cyber efforts, this Article proposes a paradigm of stewardship with both discursive and structural dimensions. Discursive stewardship refers to the Executive's openness to dialogue with other stakeholders. Structural stewardship refers to the domestic and transnational distribution of decisional authority, including checks and balances that guard against the excesses of unilateral action. The Article concludes that the Obama administration made substantial progress in each of these realms. However, the outsized role of law enforcement agendas and dearth of clearly articulated checks on transnational surveillance drove headwinds that limited forward movement.
Sony, Cyber Security, And Free Speech: Preserving The First Amendment In The Modern World, Conrad Wilton
Sony, Cyber Security, And Free Speech: Preserving The First Amendment In The Modern World, Conrad Wilton
Pace Intellectual Property, Sports & Entertainment Law Forum
Reprinted from 16 U.C. Davis Bus. L.J. 309 (2016). This paper explores the Sony hack in 2014 allegedly launched by the North Korean government in retaliation over Sony’s production of The Interview and considers the hack’s chilling impact on speech in technology. One of the most devastating cyber attacks in history, the hack exposed approximately thirty- eight million files of sensitive data, including over 170,000 employee emails, thousands of employee social security numbers and unreleased footage of upcoming movies. The hack caused Sony to censor the film and prompted members of the entertainment industry at large to tailor their communication …
Enhancing Cybersecurity In The Private Sector By Means Of Civil Liability Lawsuits - The Connie Francis Effect, Jeffrey F. Addicott
Enhancing Cybersecurity In The Private Sector By Means Of Civil Liability Lawsuits - The Connie Francis Effect, Jeffrey F. Addicott
University of Richmond Law Review
The purpose of this article is to explore the threats posed by
cybersecurity breaches, outline the steps taken by the government
to address those threats in the private sector economy, and
call attention to the ultimate solution, which will most certainly
spur private businesses to create a more secure cyber environment
for the American people-a Connie Francis-styled cyber civil
action lawsuit.
Making Democracy Harder To Hack, Scott Shackelford, Bruce Schneier, Michael Sulmeyer, Anne Boustead, Ben Buchanan, Amanda N. Craig Deckard, Trey Herr, Jessica Malekos Smith
Making Democracy Harder To Hack, Scott Shackelford, Bruce Schneier, Michael Sulmeyer, Anne Boustead, Ben Buchanan, Amanda N. Craig Deckard, Trey Herr, Jessica Malekos Smith
University of Michigan Journal of Law Reform
With the Russian government hack of the Democratic National Convention email servers and related leaks, the drama of the 2016 U.S. presidential race highlights an important point: nefarious hackers do not just pose a risk to vulnerable companies; cyber attacks can potentially impact the trajectory of democracies. Yet a consensus has been slow to emerge as to the desirability and feasibility of reclassifying elections—in particular, voting machines—as critical infrastructure, due in part to the long history of local and state control of voting procedures. This Article takes on the debate—focusing on policy options beyond former Department of Homeland Security Secretary …
Authorized Investigation: A Temperate Alternative To Cyber Insecurity, Casey M. Bruner
Authorized Investigation: A Temperate Alternative To Cyber Insecurity, Casey M. Bruner
Seattle University Law Review
This Note aims to show that legal structures created to protect the Internet in its original form are completely insufficient to protect what the Internet has become. This antiquated legal framework is exacerbating the problem. The breadth of activity that the current law restricts severely limits the remedies that cyberattack victims can pursue, and it must be updated. While full hack-back may prove necessary in the long run, I argue for a more temperate initial response to the problem—I call this response “authorized investigation.” Specifically, the Computer Fraud and Abuse Act should be amended to allow victims access to their …
Silencing The Call To Arms: A Shift Away From Cyber Attacks As Warfare, Ryan Patterson
Silencing The Call To Arms: A Shift Away From Cyber Attacks As Warfare, Ryan Patterson
Loyola of Los Angeles Law Review
Cyberspace has developed into an indispensable aspect of modern society, but not without risk. Cyber attacks have increased in frequency, with many states declaring cyber operations a priority in what has been called the newest domain of warfare. But what rules govern? The Tallinn Manual on the International Law Applicable to Cyber Warfare suggests existent laws of war are sufficient to govern cyber activities; however, the Tallinn Manual ignores fundamental problems and unique differences between cyber attacks and kinetic attacks. This Article argues that several crucial impediments frustrate placing cyber attacks within the current umbra of warfare, chiefly the problems …
Global Cyber Intermediary Liability: A Legal & Cultural Strategy, Jason H. Peterson, Lydia Segal, Anthony Eonas
Global Cyber Intermediary Liability: A Legal & Cultural Strategy, Jason H. Peterson, Lydia Segal, Anthony Eonas
Pace Law Review
This Article fills the gap in the debate on fighting cybercrime. It considers the role of intermediaries and the legal and cultural strategies that countries may adopt. Part II.A of this Article examines the critical role of intermediaries in cybercrime. It shows that the intermediaries’ active participation by facilitating the transmission of cybercrime traffic removes a significant barrier for individual perpetrators. Part II.B offers a brief overview of legal efforts to combat cybercrime, and examines the legal liability of intermediaries in both the civil and criminal context and in varying legal regimes with an emphasis on ISPs. Aside from some …
The Looming Threat Of Cyberterrorism
The Looming Threat Of Cyberterrorism
Maryland Carey Law
Technology has the ability to make gray what was once the black letter of the law.