Presented at
DEF CON 25 (2017),
July 28, 2017, 10:30 a.m.
(75 minutes).
Making legal and policy progress on security is hard, especially when it involves coordinating with teams inside and across federal agencies/departments. But, there *are* success stories. DOJ, FDA, FTC, and DoD have all evolved in positive directions in their approach to security over the last five years, engaging more robustly with the security research community. The panelists will introduce their respective agencies/ departments, explain their missions, and describe the evolution of their organizations' approach across time to security and security research. As always, the panelists look forward to answering your questions.
Presenters:
-
Andrea Matwyshyn
- Cranky law professor.
Andrea Matwyshyn is an academic and author whose work focuses on technology and innovation policy, particularly information security, consumer privacy, intellectual property, and technology workforce pipeline policy. She is a (tenured full) professor of law / professor of computer science (by courtesy) at Northeastern University, where she is the co-director of the Center for Law, Innovation, and Creativity (CLIC). Andrea is also a faculty affiliate of the Center for Internet and Society at Stanford Law School and a visiting research collaborator at the Center for Information Technology Policy at Princeton University, where she was the Microsoft Visiting Professor of Information Technology Policy during 2014-15. She is a Senior Fellow of the Cyber Statecraft Initiative at the Atlantic Council's Brent Scowcroft Center on International Security and a US-UK Fulbright Commission Cyber Security Scholar award recipient in 2016-2017. In 2014, she served as the Senior Policy Advisor/ Academic in Residence at the U.S. Federal Trade Commission. Prior to entering the academy, she was a corporate attorney in private practice.
-
Terrell McSweeny
- Commissioner, Federal Trade Commission
Terrell McSweeny serves as a Commissioner of the Federal Trade Commission. When it comes to tech issues, Commissioner McSweeny has focused on the valuable role researchers and hackers can play protecting consumer data security and privacy. She opposes bad policy and legislative proposals like mandatory backdoors and the criminalization of hacking and believes that enforcers like the FTC should work with the researcher community to protect consumers. She wants companies to implement security by design, privacy by design and data ethics by design-but recognizes that, in the absence of regulation, enforcement and research are the only means of holding companies accountable for the choices they make in the ways that they hold and use consumer data.
@TMcSweenyFTC
-
Leonard Bailey
- Special Counsel for National Security, Computer Crime & Intellectual Property Section, Criminal Division, U.S. Department of Justice
Leonard Bailey joined the Department of Justice's Terrorism and Violent Crime Section (TVCS) in 1991 where he handled litigation and investigations, managed departmental policies governing criminal enforcement and intelligence collection, and participated in the negotiation of international treaties concerning terrorist funding. He subsequently served as Special Counsel and Special Investigative Counsel to the Department's Inspector General while conducting investigations of senior Department officials and sensitive departmental programs. In 2000, he joined the Computer Crime and Intellectual Property Section (CCIPS) where he has prosecuted cases involving federal violations of computer crime and intellectual property statutes; advised on matters related to searching and seizing electronic evidence, investigating and prosecuting network intrusions, and conducting electronic surveillance; and chaired the Organization of American States' Group of Government Experts on Cybercrime. He has been Special Counsel for National Security in CCIPS since 2008. In 2009, he accepted a position as Senior Counselor to the Assistant Attorney General for the National Security Division, where he managed issues associated with cybersecurity, critical infrastructure protection, and national security investigations and operations involving cyber threats to national security. In 2012, he managed and set cyber policy for the Department of Justice as an Associate Deputy Attorney General before returning to the Criminal Division in 2013. Leonard received his B.A. from Yale University in 1987 and his J.D. from Yale Law School in 1991. He is an adjunct professor at Georgetown Law School, where he teaches cybersecurity law..
-
Lisa Wiswell
- Principal, Grimm
Fellow, Center for Strategic and International Studies
Lisa Wiswell worked for the better part of the past decade with the Department of Defense to shift its culture to interact more positively with the hacker community. At the Defense Digital Service, she hacked the Department of Defense bureaucracy and its antiquated and restrictive policies and processes. She was appointed Special Assistant to the Deputy Assistant Secretary of Defense for Cyber Policy in the Office of the Secretary of Defense where she supported senior DoD leaders by formulating and implementing policies and strategies to improve DoD’s ability to operate in digital space - specifically providing guidance and governance over the manning, training, and equipping of the Cyber Mission Force. Prior to serving in the Obama Administration, she served as Technology Portfolio Manager at the Defense Advanced Research Projects Agency overseeing a portfolio of cyberwarfare initiatives directly contributing to national security. Prior to supporting the DoD, Lisa worked on Capitol Hill for her home Member of Congress. She holds a BA in History and Political Science from the Maxwell School of Public Citizenship at Syracuse University, and a Masters in Technology Management from Georgetown University. Lisa is a privacy rights and STEM outreach advocate. She is now a Principal at Grimm and a Fellow at the Center for Strategic and International Studies.
-
Suzanne Schwartz, MD
- FDA
as Dr. Suzanne Schwartz
Dr. Suzanne Schwartz is the Associate Director for Science & Strategic Partnerships at FDA’s Center for Devices & Radiological Health (CDRH). In this role, she assists the CDRH Director and Deputy Director for Science in the development, execution and evaluation of the Center’s biomedical science and engineering programs. Suzanne is passionate about cultivating critical dialogue across sectors and across entities towards advancing innovation in the biomedical space and within healthcare, where complex multifaceted problems exist. Suzanne joined FDA in October 2010. Initially recruited as a Commissioner’s Fellow, she became a Medical Officer in the Office of Device Evaluation, transitioning in September 2012 to become the Director of CDRH’s Emergency Preparedness/Operations and Medical Countermeasures (EMCM) Program in the Office of the Center Director for the past 4 years. Among other public health concerns, her portfolio has most notably included medical device cybersecurity, for which she chairs CDRH’s Cybersecurity Working Group. She also co-chairs the Government Coordinating Council for Healthcare & Public Health critical infrastructure sector. Before FDA, Suzanne was a full time surgical faculty member at Weill Cornell Medical College, New York. Suzanne’s career has spanned the private sector as well, having served as Medical Director & Tissue Bank Director of Ortec International, a development stage medical device company focused on tissue engineering therapeutic approaches to burns and chronic wounds. Suzanne earned an MD from Albert Einstein College of Medicine, trained in General Surgery & Burn Trauma at the New York Presbyterian Hospital - Weill Cornell Medical Center; an executive MBA from NYU Stern School of Business, and completed the National Preparedness Leadership Initiative - Harvard School of Public Health & Kennedy School of Government.
Links: