Open Access. Powered by Scholars. Published by Universities.®

Law Commons

Open Access. Powered by Scholars. Published by Universities.®

Articles 1 - 3 of 3

Full-Text Articles in Law

It's Time To Reform The U.S. Vulnerabilities Equities Process, Amy Gaudion Sep 2021

It's Time To Reform The U.S. Vulnerabilities Equities Process, Amy Gaudion

Faculty Scholarly Works

No abstract provided.


Recognizing The Role Of Inspectors General In The U.S. Government's Cybersecurity Restructuring Task, Amy Gaudion Jan 2021

Recognizing The Role Of Inspectors General In The U.S. Government's Cybersecurity Restructuring Task, Amy Gaudion

Faculty Scholarly Works

Months prior to the 2015 public disclosure of a data breach at the U.S. government’s Office of Personnel and Management (OPM), the Office of the Inspector General for OPM issued a report that identified significant deficiencies and material weaknesses in a number of the agency’s information systems and IT security programs. In response to the 2020 SolarWinds supply chain hack, attributed to Russia, calls are underway for inspectors general to conduct audits and inspections and to review prior inspector general assessments of information systems and vulnerabilities at federal agencies. The use of inspectors general to assess information system vulnerabilities and …


Regulating Cyber-Security, Nathan Alexander Sales Jan 2015

Regulating Cyber-Security, Nathan Alexander Sales

Northwestern University Law Review

The conventional wisdom is that this country’s privately owned critical infrastructure—banks, telecommunications networks, the power grid, and so on—is vulnerable to catastrophic cyber-attacks. The existing academic literature does not adequately grapple with this problem, however, because it conceives of cyber-security in unduly narrow terms: most scholars understand cyber-attacks as a problem of either the criminal law or the law of armed conflict. Cyber-security scholarship need not run in such established channels. This Article argues that, rather than thinking of private companies merely as potential victims of cyber-crimes or as possible targets in cyber-conflicts, we should think of them in administrative …