About the Expert
Tarah Wheeler is senior fellow for global cyber policy at the Council on Foreign Relations (CFR). She is also an information security executive, social scientist in the area of international conflict, and author.
Wheeler is CEO of the information security consultancy Red Queen Dynamics. She is an Electronic Frontier Foundation advisory board member, an inaugural contributing cybersecurity expert for the Washington Post, and a Foreign Policy contributor on cyber warfare. She is the author of the best-selling Women In Tech: Take Your Career to The Next Level With Practical Advice And Inspiring Stories. She has been the Brookings Institution’s contributing cybersecurity editor, a cyber project fellow at the Belfer Center for Science and International Affairs at Harvard University‘s Kennedy School of Government, an international security fellow at New America leading a new international cybersecurity capacity building project with the Hewlett Foundation’s cyber initiative, and a U.S./UK Fulbright scholar in cyber security.
Wheeler has been head of offensive security and technical data privacy at Splunk and senior director of engineering and principal security advocate at Symantec Website Security. She has led projects at Microsoft Game Studios (Halo and Lips) and architected systems at encrypted mobile communications firm Silent Circle. She has spoken on information security at the European Union, Malaysian Securities Commission, OECD and FTC, for Foreign Policy, universities such as Stanford University, American University, West Point, and Oxford University, and multiple governmental and industry conferences.
- Electronic Frontier Foundation, advisory board member
- Red Queen Dynamics, chief executive officer
Encryption, cybersecurity, and technology policies, like the RESTRICT and EARN-IT Acts, with nonexistent tradeoffs address symptoms, not problems, and they do it badly.
Election security has been a major issue since the 2020 U.S. election. Policymakers and members of the public must take several concrete steps to ensure that elections are secure and free from interference.
Recruiting problems in cybersecurity will continue until private and public sector organizations make defenders' mental health a priority and policymakers address the poorly written Computer Fraud and Abuse Act.
The EARN IT Act is back for a third time. The current version purports to both maintain privacy and protect children, but this is a false dichotomy; the act would expand state power and decrease users' privacy.
Montana banned TikTok a month ago. Enforcing this ban would require the creation of a surveillance regime that would be far more detrimental to privacy and civil liberties than TikTok could ever be.
The U.S. Cybersecurity Review Board was established to provide a definitive history of major cyber incidents. Today it has fallen away from that mission, but there are three incidents to investigate which can get it back on track.
Recent regulations have focused on adding cybersecurity experience to company boards. However, companies would be better served if CISOs were required to gain expertise in business risk communications.