Jim Dempsey

User banner image
User avatar
  • Jim Dempsey

Posts

Enforcement of Cybersecurity Regulations: Part 3

Editor’s Note: This is the final installment in a three-part series on cybersecurity enforcement. Click here for Part 1 and here for Part 2. In enforcing any regulatory system,…

Addressing the Security Risks of AI

In recent weeks, there have been urgent warnings about the risks of rapid developments in artificial intelligence (AI). The current obsession is with large language…

Enforcement of Cybersecurity Regulations: Part 2

Editor’s Note: This is the second in a three-part series on cybersecurity enforcement. Click here for part one. Part three will be published in the coming…

Enforcement of Cybersecurity Regulations: Part 1

A key pillar of the Biden administration’s recently released cybersecurity strategy is the establishment of mandatory requirements for critical infrastructure. Noting that it had already…

Cybersecurity’s Third Rail: Software Liability

Well, they’ve done it. The Biden administration’s new National Cybersecurity Strategy takes on the third rail of cybersecurity policy: software liability. For decades, scholars and…

One Small Legislative Step for Cybersecurity

The massive appropriations bill signed by President Biden on Dec. 29, 2022, included, among other riders, language requiring the makers of internet-connected medical devices to…

Cybersecurity Regulation: It’s Not ‘Performance-Based’ If Outcomes Can’t Be Measured

After Colonial Pipeline suffered a ransomware attack in May 2021 and took its 5,500-mile system offline for nearly a week, the Transportation Security Administration (TSA)…

Medical Device Security Offers Proving Ground for Cybersecurity Action

Legislation approved on June 8 by the U.S. House of Representatives to address the cybersecurity of medical devices may offer a good model for a…

Cybersecurity Tools Lie Unused in Federal Agencies’ Toolboxes

Concerns over the possible Russian use of cyber weapons against U.S. domestic critical infrastructure in connection with the Ukraine crisis—warnings renewed on Feb. 11—should prompt…

Managing the Cybersecurity Vulnerabilities of Artificial Intelligence

This week, Andy Grotto and I published a new working paper on policy responses to the risk that artificial intelligence (AI) systems, especially those dependent…