Authors: Ari Schwartz and Robert K. Knake Belfer Center for Science and International Affairs John F. Kennedy School of Government Harvard University
In this June 2016 discussion paper, Knake and his coauthor examine the Obama administration’s Vulnerability Equities Process guidelines. They argue that the administration ought to formalize and publicize these guidelines and offer policy recommendations to improve the VEP while maintaining a bias toward public disclosure of zero day vulnerabilities.
In spite of significant differences in views, Beijing and Washington appear committed to not letting cyber issues derail the U.S.-China relationship or interfere with cooperation on other high-profile issues. Among the wide range of issues raised at their recent meeting on the sidelines of the Nuclear Security Summit, Presidents Barack Obama and Xi Jinping reiterated their commitment to last September’s breakthrough cybersecurity agreement.
Authors: Adam Segal and Tang Lan The National Bureau of Asian Research
While there continue to be significant differences between the perspectives of the U.S. and Chinese governments on issues in cyberspace, recent progress to overcome these challenges suggests a path forward, writes Adam Segal. Substantive cooperation on cybersecurity, cybercrime, and Internet governance can help both countries avoid a conflict over cyberspace.
Since the 1990s, U.S. law enforcement has expressed concern about “going dark,” roughly defined as an inability to access encrypted communications or data even with a court order. Silicon Valley companies are rolling out encrypted products that allow users alone to access their data, and in the wake of the Paris and San Bernardino, Calif., terrorist attacks, law enforcement officials argue that their fears are being realized.
Protecting the privacy of user data from unauthorized access is essential for business executives, policymakers, and users themselves. But strong privacy protection software is often difficult for nonexperts to use. In this Cyber Brief, Sara "Scout" Sinclair Brody explains how promoting and improving open-source software can go a long way toward strengthening privacy online.
In this January 2016 article, Knake argues that the United States needs to improve its cyber hygiene and “clean up” its cyberspace in order to reduce the number of malware infections and botnet attacks launched from domestic computers.
How can the United States protect cyberspace, the "control system of our country," without restricting the open "flow of information on the Internet"? What should countries consider when developing international cybersecurity standards and protocol? What should their citizens know to protect their information and their rights? Cybersecurity Policy Research Links provide news, background information, legislation, analysis, and international efforts to protect government and the public's information.
The U.S. government's effort to persuade other countries to adopt norms of responsibility for cyberspace faces a significant obstacle: computers located in the United States host much of the malicious software used to carry out cyberattacks. Robert K. Knake explains.
Learn more about CFR’s mission and its work over the past year in the 2015 Annual Report. The Annual Report spotlights new initiatives, high-profile events, and authoritative scholarship from CFR experts, and includes a message from CFR President Richard N. Haass. Read and download »