Law Commons^™

It's Time To Reform The U.S. Vulnerabilities Equities Process, Amy Gaudion

Faculty Scholarly Works

No abstract provided.

The Plea Of Necessity: An Oft Overlooked Response Option To Hostile Cyber Operations, Louise Arimatsu, Michael N. Schmitt

International Law Studies

States are increasingly focused on the measures—cyber or otherwise—that they can take in response to hostile cyber operations. Although cyber operations are usually responded to with acts of “retorsion” (acts that are lawful, although unfriendly), international law recognizes other self-help mechanisms that allow for more robust responses. In the cyber context, most attention has focused on countermeasures and self-defense. Yet, both are subject to various limitations that constrain their availability.

This article examines a further option, the so-called “plea of necessity.” It allows States to respond to a hostile cyber operation when the action taken would otherwise be unlawful but …

Responding To Hostile Cyber Operations: The “In-Kind” Option, Michael N. Schmitt, Durward E. Johnson

International Law Studies

Facing hostile cyber operations, States are crafting responsive strategies, tactics and rules of engagement. One of the major challenges in doing so is that key aspects of the international law governing cyber responses are vague, unsettled or complex. Not surprisingly, therefore, international law is markedly absent from strategies and operational concepts. Rather, they tend to take on a practical “tit-for-tat” feel as policymakers logically view “in-kind” responses as “fair play.” For them, responding in-kind surely must be lawful notwithstanding any challenges in discerning the precise legal character of the initial hostile cyber operation.

Testing that sense, this article examines the …

Recognizing The Role Of Inspectors General In The U.S. Government's Cybersecurity Restructuring Task, Amy Gaudion

Faculty Scholarly Works

Months prior to the 2015 public disclosure of a data breach at the U.S. government’s Office of Personnel and Management (OPM), the Office of the Inspector General for OPM issued a report that identified significant deficiencies and material weaknesses in a number of the agency’s information systems and IT security programs. In response to the 2020 SolarWinds supply chain hack, attributed to Russia, calls are underway for inspectors general to conduct audits and inspections and to review prior inspector general assessments of information systems and vulnerabilities at federal agencies. The use of inspectors general to assess information system vulnerabilities and …