POPULARITY
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys. On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. Learn more about your ad choices. Visit megaphone.fm/adchoices
On today's podcast, Host Ramses Ja is joined by special guest Camille Stewart Gloster. She serves as the Deputy National Cyber Director for Technology and Ecosystem Security for the Biden administration. See omnystudio.com/listener for privacy information.
Camille Stewart Gloster joins us to discuss national security threats, online best practices, and election integrity ahead of Tuesday's election. She helps us identify vulnerabilities in our digital lives as well as in the fabric of our country!See omnystudio.com/listener for privacy information.
Camille is a renowned privacy expert and strategist with a prolific career spanning significant contributions to both government and tech sectors. She served as the Deputy National Cyber Director at the White House, where she played a crucial role in shaping national cybersecurity policies. Camille is also known for her efforts in creating secure spaces for underrepresented communities within the tech industry, including her initiative "Share the Mic and Cyber." As a Jamaican American, Camille emphasizes the importance of diverse voices in national security and technology to enrich perspectives and innovation. Throughout the conversation, Camille underscores the significance of creating supportive communities both within and outside professional spaces. She stresses the need for diverse perspectives in tech and cybersecurity, arguing that these are not just ethical imperatives but essential for national security and effective technology development. Using her own experiences, Camille shares practical advice on how to navigate and succeed in environments that were not originally designed for inclusivity. The episode wraps up with a discussion on the importance of making DEI initiatives integral to corporate and government strategies, especially in the face of current rollbacks. Key Takeaways: Creating Inclusive Spaces: Camille emphasizes the importance of forming communities that support and advocate for underrepresented voices in tech and cybersecurity. Professional Resilience: Strategies to maintain confidence and authenticity in environments where one is the only person of color. Progressive vs. Authentic Inclusion: A critique of the tech industry's often superficial claims of inclusivity compared to more transparent government practices. Importance of Diverse Perspectives: Highlighting how a variety of viewpoints is crucial for innovation and national security. Support Networks: The role of both professional and personal communities in providing support and fostering resilience in the face of adversity.
Cybersecurity attorney Camille Stewart shares how her childhood affinity for making contracts pointed to her eventual career as an attorney. Having a computer scientist father contributed to Camille's technical acumen and desire to include technology in her life's work. Camille has worked various facets of cybersecurity law from the private sector, federal government, on the Hill and in the Executive Branch, and now as part of Big Tech as Head of Security Policy and Election Integrity for Google Play and Android where she creates policy geared towards making sure users are safe on their platform and equipped to make informed decisions.. We thank Camille for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Cybersecurity attorney Camille Stewart shares how her childhood affinity for making contracts pointed to her eventual career as an attorney. Having a computer scientist father contributed to Camille's technical acumen and desire to include technology in her life's work. Camille has worked various facets of cybersecurity law from the private sector, federal government, on the Hill and in the Executive Branch, and now as part of Big Tech as Head of Security Policy and Election Integrity for Google Play and Android where she creates policy geared towards making sure users are safe on their platform and equipped to make informed decisions.. We thank Camille for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Summary Camille Stewart Gloster (X, LinkedIn) joins Andrew (X; LinkedIn) to discuss her career in cyber. Camille was the first Deputy National Cyber Director for Technology & Ecosystem for the White House. What You'll Learn Intelligence The intersections between technology and law The origins of the cyber threat The importance of cyber education Building a diverse cyber workforce Reflections Challenging narratives and norms Strategic education And much, much more … Quotes of the Week “Another part of the problem is having a conversation where people understand that they do a lot of this work every day. Honing those skills and being intentional about them and then applying them to a career means a transition from a hobby to something more concrete. And that narrative piece of making cybersecurity not seem so overwhelming is a big part of the work as well.” – Camille Stewart Gloster. Resources SURFACE SKIM *SpyCasts* Indian Intelligence & Cyber – A Conversation with Sameer Patil, ORF Mumbai (2023) Espionage and the Metaverse with Cathy Hackl (2023) The FBI & Cyber with Cyber Division Chief Bryan Vorndran (Part 1 of 2) (2022) The FBI & Cyber with Cyber Division Chief Bryan Vorndran (Part 2 of 2) (2022) Trafficking Data: The Digital Struggle with China with Aynne Kokas (2022) *Beginner Resources* What is Cybersecurity? CISA (2021) [Short article] What is Cyber? Marketing Business Network, YouTube (2019) [2 min. video] Why Is Cybersecurity Important? CompTIA (n.d.) [Short article] DEEPER DIVE Primary Sources 2024 Report on the Cybersecurity Posture of the United States (2024) National Cyber Workforce and Education Strategy: Initial Stages of Implementation (2024) Executive Order on Preventing Access to Americans' Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern (2024) National Cybersecurity Strategy (2023) National Cybersecurity Strategy Implementation Plan (2023) National Cyber Workforce and Education Strategy (2023) CHIPS Act (2022) Executive Order on Improving the Nation's Cybersecurity (2021) *Wildcard Resource* Test your cybersecurity awareness with this #BeCyberSmart crossword from the Center for Development of Security Excellence. Learn more about your ad choices. Visit megaphone.fm/adchoices
Guest: Camille Stewart Gloster, Former Deputy National Cyber Director for Technology & Ecosystem, Award-winning Strategist & AttorneyWebsite: https://camillestewart.comLinkedIn: https://www.linkedin.com/in/camillestewartesqX (Twitter): https://www.twitter.com/camilleesqInstagram: https://www.instagram.com/camilleesq/Host: Dr. Rebecca WynnOn ITSPmagazine
This interview from August 18th, 2023 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Simone Petrella sits down with Camille Stewart Gloster, Deputy National Cyber Director at the The White House discuss the White House's cybersecurity workforce and education strategy.
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys. On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys. On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys. On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
In this episode, Ron and Chris are joined by Camille Stewart, the Global Head of Product Security Strategy at Google and Co-Founder of Share The Mic. The trio have an honest conversation about advocacy and representation in cybersecurity, the story behind Camille's Share The Mic social movement, how we can begin to move in the right direction, and how culture shapes the way we interact with technology. Lastly, Chris talks about Hacker Valley's stance on representation – from award nominations to our greatest loss in listenership history. Key Takeaways: 02:47 Bio 05:43 Advocacy - it's in my DNA 07:16 Giving a voice to the underrepresented 08:54 “Share The Mic” 12:28 The state of diversity in cybersecurity 14:28 Achieving a better tomorrow 18:94 How do we bridge the opportunities gap? 20:13 The intersection of culture and technology 22:45 Who is Camille Stewart? 26:00 The dark side of speaking up 28:53 This is a mission critical issue 30:12 Stay in touch with Camille! Links: Stay in touch with Camille Stewart on Twitter | LinkedIn |Instagram Hacker Valley Studio: Swag | LinkedIn | Twitter | Instagram | Email Ron & Chris | Website Support Hacker Valley Studio on Patreon Join our monthly mastermind group via Patreon This episode is sponsored by our friends at Uptycs and Axonius
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys. On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys. On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys.
WashingTECH Policy Podcast was started largely because of the impact of tech, AI and cybersecurity on communities of color, working class and immigrants, and none of the big players in the industry have it on their radar. Our conversation today is on this very topic and there is no one more knowledgeable on the topic than Camille Stewart. Camille Stewart is an attorney and executive whose crosscutting perspective on complex technology, cyber, and national security, and foreign policy issues has landed her in significant roles at leading government and private sector companies like the Department of Homeland Security, Deloitte, and Google. Camille builds global cybersecurity, privacy, and election security/integrity programs in complex environments for large companies and government agencies. Camille is the Global Head of Product Security Strategy at Google advising Google's product leads on federated security and risk. Previously, Camille was the Head of Security Policy for Google Play and Android at Google where she leads security, privacy, election integrity, and dis/mis-information. Prior to Google, Camille was a manager in Deloitte's Cyber Risk practice working on cybersecurity, election security, tech innovation, and risk issues for DHS, DOD, and other federal agencies. Diversity in Cybersecurity is a Problem We have long ignored the fact that addressing issues of diversity is more than just the right thing to do, as it is actually a mission imperative in cybersecurity. And as technology underpins pretty much everything that we do, how systemic racism is amplified, or cured by technology implementation, is something that we have to be thinking about. And the policy decisions that we've made in the past, and the ones that we make moving forward, are all impacted by a society built on systemic racism, our investments are all impacted by legacy and current day systemic racism, informed decision making policies and bodies. The Paper to Address Diversity The Aspen Institute came to Camille seeing this moment where we needed to kind of dive in and talk about how diversity, equity and inclusion is impacting the work and convened a large group of folks across diverse backgrounds, leaders in cybersecurity, academia, industry government, to come together for a closed door, Chatham House rules, discussion on how we could move the needle on this. How can we come together to identify what the issues are around diversity and cybersecurity and then come up with some solutions. And the thing that was really appreciated is, as Aspen and Camille worked through this, they were very clear that it needed to be action oriented. And so the discussion was really rooted in that how can we actually do work, take action, to drive diversity and inclusion in cybersecurity, for the betterment of not only the people who will and may participate in this industry, but also for the work. Why Diversity In Cybersecurity Should Matter to Everyone Let's think about the large scale cyber incidents we've seen recently. The attack on Colonial Pipeline then cascaded into you, not being able to get gas. The attack on JBS foods that meant you probably couldn't get your lunch meat for your kids, means that you should be concerned about cybersecurity as an individual. And there are so many other reasons beyond that, but those very large scale incidents are very attached to the individual and how they impact your ability to access services and operate, or because you as an individual could take an action that could lead to one of those breaches. So diversity, as a part of cybersecurity as a part of the industry is important because you can identify things based on your lived experiences and how technology shows up in your life that other people cannot. The Future of the Cybersecurity Workforce A lot of the diversity issues in cybersecurity are systemic. There are issues with hiring; there are issues with retention; issues of education. So many people don't even recognize the fact that working in technology, and cybersecurity is an option for them - access to the industry, building a network, etc. And so we created some buckets that kind of address those things divided up the practitioners that were participating. They put their brain power behind thinking about what are some solutions to the educational barriers. Certifications are a common tool in cybersecurity. But that's really tough, because most certifications require some years of experience. And you're seeing a lot of entry level jobs that require those certifications. How can it be an entry level job if you need five years of experience to get the certification that is required to get the job? Links and Resources: Connect with Camille on Twitter or Instagram @Camilleesq Camille's Paper
#ShareTheMicInCyber is a critical online conversation campaign on systemic racism in cybersecurity while shining a light on amazing Black practitioners... and providing career opportunities.Changemakers Camille Stewart and Lauren Zabierek came together to make the campaign a reality. Since mid-2020, the campaign has turned into an incredible movement within the cybersecurity community and has grown tremendously. Learn about their story of the formation of the campaign and it's importance.GuestsCamille StewartOn LinkedIn
Panel Two at the Future Strategy Forum 2021 focused on emerging technologies and statecraft. Camille Stewart, Ginny Badanes, Christie Lawrence, and Sanne Verschuren discussed the ways in which emerging technologies are shaping interstate interactions across the spectrum short of kinetic action, from statecraft and diplomacy to information operations. This panel was moderated by CSIS Senior Adviser Suzanne Spaulding.
Panel Two at the Future Strategy Forum 2021 focused on emerging technologies and statecraft. Camille Stewart, Ginny Badanes, Christie Lawrence, and Sanne Verschuren discussed the ways in which emerging technologies are shaping interstate interactions across the spectrum short of kinetic action, from statecraft and diplomacy to information operations. This panel was moderated by CSIS Senior Adviser Suzanne Spaulding.
Rachel Tobac hacks people based on publicly available information. Camille Stewart encourages people to mitigate risk and defend against Rachel’s methods. We’re bringing these two industry leaders together for this one-of-a-kind podcast that will explore social engineering risks and highlight some best practices to help protect users and organizations. Presenters: Camille Stewart, Cyber Fellow, Harvard Belfer Center and Head of Security Policy, Google Play & Android, Google Rachel Tobac, CEO, SocialProof Security, White Hat Hacker Kacy Zurkus, Content Strategist, RSA Conference
This first episode of season 5 is a lovefest with the founders and advisory board members of Diversity in National Security Action Network (DINSN). Together with Bunmi, Camille Stewart, Marcus T. Coleman Jr., and Clifford Pulley III recount the contributions of DINSN and share the call to action for others to continue the imperative of bringing greater diversity to foreign policy. They also share their thoughts on topics of the day related to voting rights, cybersecurity and competition with China. Follow DINSN on social media at NatSecDiver and stay connected to Camille (@CamilleEsq), Marcus (@MTColemanJr), and Clifford (Clifford Pulley on Linked In). --- Send in a voice message: https://anchor.fm/whatintheworld/message
The Senate will hold a hearing Tuesday investigating the SolarWinds hacks. SolarWinds is a massive IT company that contracted with the federal government. Its ubiquity let hackers get into at least nine federal agencies, including the departments of — just to pick three of the scariest options — Defense, Homeland Security and Treasury. The breach is what’s known as a supply chain hack. They’re increasingly common because it’s hard for companies and governments to verify the security of every company they work with. But experts say it’s time to create disincentives for not doing that homework. Molly spoke with Camille Stewart, a cyber-fellow at Harvard’s Belfer Center.
The Senate will hold a hearing Tuesday investigating the SolarWinds hacks. SolarWinds is a massive IT company that contracted with the federal government. Its ubiquity let hackers get into at least nine federal agencies, including the departments of — just to pick three of the scariest options — Defense, Homeland Security and Treasury. The breach is what’s known as a supply chain hack. They’re increasingly common because it’s hard for companies and governments to verify the security of every company they work with. But experts say it’s time to create disincentives for not doing that homework. Molly spoke with Camille Stewart, a cyber-fellow at Harvard’s Belfer Center.
The Senate will hold a hearing Tuesday investigating the SolarWinds hacks. SolarWinds is a massive IT company that contracted with the federal government. Its ubiquity let hackers get into at least nine federal agencies, including the departments of — just to pick three of the scariest options — Defense, Homeland Security and Treasury. The breach is what’s known as a supply chain hack. They’re increasingly common because it’s hard for companies and governments to verify the security of every company they work with. But experts say it’s time to create disincentives for not doing that homework. Molly spoke with Camille Stewart, a cyber-fellow at Harvard’s Belfer Center.
The Senate will hold a hearing Tuesday investigating the SolarWinds hacks. SolarWinds is a massive IT company that contracted with the federal government. Its ubiquity let hackers get into at least nine federal agencies, including the departments of — just to pick three of the scariest options — Defense, Homeland Security and Treasury. The breach is what’s known as a supply chain hack. They’re increasingly common because it’s hard for companies and governments to verify the security of every company they work with. But experts say it’s time to create disincentives for not doing that homework. Molly spoke with Camille Stewart, a cyber-fellow at Harvard’s Belfer Center.
Cybersecurity attorney Camille Stewart shares how her childhood affinity for making contracts pointed to her eventual career as an attorney. Having a computer scientist father contributed to Camille's technical acumen and desire to include technology in her life's work. Camille has worked various facets of cybersecurity law from the private sector, federal government, on the Hill and in the Executive Branch, and now as part of Big Tech as Head of Security Policy and Election Integrity for Google Play and Android where she creates policy geared towards making sure users are safe on their platform and equipped to make informed decisions.. We thank Camille for sharing her story with us.
Cybersecurity attorney Camille Stewart shares how her childhood affinity for making contracts pointed to her eventual career as an attorney. Having a computer scientist father contributed to Camille's technical acumen and desire to include technology in her life's work. Camille has worked various facets of cybersecurity law from the private sector, federal government, on the Hill and in the Executive Branch, and now as part of Big Tech as Head of Security Policy and Election Integrity for Google Play and Android where she creates policy geared towards making sure users are safe on their platform and equipped to make informed decisions.. We thank Camille for sharing her story with us.
Entertainment What's Poppin w/Deja Perez, Fitness w/Ieisha Ashwood, Relationships w/Cortina Peters, Finance w/Asia Thomas, Election Security w/Camille Stewart, Politics w/Na'ilah Amaru and Niya Brown Matthews our Woman to Follow. See omnystudio.com/listener for privacy information.
Ann Johnson, Corporate Vice President, Business Development, Security, Compliance, and Identity at Microsoft, discusses diversity in cybersecurity with Camille Stewart, head of security policy and election integrity for Android and Google Play, and Lauren Zabierek, executive director of the Cyber Project at Harvard Kennedy School’s Belfer Center. Camille and Lauren, whose #ShareTheMicInCyber campaign amplifies Black practitioners in tech, share insights on how organizations and individuals can identify blindspots, encourage uncomfortable dialogue, and nurture inclusivity in the industry. Listen to the second episode in this two-part discussion on how excluding diverse voices weakens our approach to security on a national scale, as well as the vulnerabilities we risk when bias is baked into technology.
? Ann Johnson, Corporate Vice President, Business Development, Security, Compliance, and Identity at Microsoft, discusses diversity in cybersecurity with Camille Stewart, head of security policy and election integrity for Android and Google Play, and Lauren Zabierek, executive director of the Cyber Project at Harvard Kennedy School’s Belfer Center. Camille and Lauren, whose #ShareTheMicInCyber campaign amplifies Black practitioners in tech, share insights on how organizations and individuals can identify blindspots, encourage uncomfortable dialogue, and nurture inclusivity in the industry. Listen to the first episode in this two-part discussion on how excluding diverse voices weakens our approach to security on a national scale, as well as the vulnerabilities we risk when bias is baked into technology.
Loren, Radha, and Erin invite Camille Stewart, non-resident fellow at Harvard's Belfer Center, to discuss all the cyber threats and how individual behavior uniquely connects with our ability to mitigate or respond to them. In keeping up foreign relations, we provide short updates on Alexei Navalny, Belarus, and Brexit alongside a brief farewell to Japanese prime minister Shinzo Abe. We'd like to remind you all that Syria, Afghanistan, and Iraq are still a thing, and after all the takes have been shared on Trump's views on service members, we talk about the role of the press in this story.
Loren, Radha, and Erin invite Camille Stewart, non-resident fellow at Harvard's Belfer Center, to discuss all the cyber threats and how individual behavior uniquely connects with our ability to mitigate or respond to them. In keeping up foreign relations, we provide short updates on Alexei Navalny, Belarus, and Brexit alongside a brief farewell to Japanese prime minister Shinzo Abe. We'd like to remind you all that Syria, Afghanistan, and Iraq are still a thing, and after all the takes have been shared on Trump's views on service members, we talk about the role of the press in this story.
Disinformation and misinformation have been blurring the line between fantasy and reality since the start of communication itself. But over the last decade, they’ve posed an increasing threat to democracy in the United States, with the 2016 presidential election becoming a major flashpoint in Americans’ understanding of the consequences of fake news. The false information flooding the internet and spreading like wildfire on social media pose risks not just to national and election security, but even to our health and safety. With its bots, troll farms, and vested interest in certain election outcomes, Russia has become America’s public disinformation enemy. But experts say that the power of foreign actors to sow discord rests, first and foremost, right here at home, and the solution may be different than you think. GUESTS: Mike Mazarr, Senior Political Scientist at RAND Corporation; Cindy Otis, Author, Former CIA Analyst, and disinformation investigations manager; Camille Stewart, Head of Security Policy for Google Play and Android; Russell Jeung, Professor of Asian American Studies at San Francisco State University ADDITIONAL READING: True or False: A CIA Analyst's Guide to Spotting Fake News, Cindy Otis. Vote and Die: Covering Voter Suppression during the Coronavirus Pandemic, Nieman Foundation. Combating Disinformation and Foreign Interference in Democracies: Lessons From Europe, Margaret L. Taylor.
Microsoft urges Exchange server patching. Sure it does your taxes, but it’s got another agenda, too: the GoldenSpy backdoor may be in your tax software if you do business in China. Magecart ups its game. DDoSecrets says they’re not going to roll over for Twitter’s “Nixonian” schtick. Camille Stewart from Google and Lauren Zabierek from Harvard’s Belfer Center on the #Sharethemicincyber event and why systemic racism is a threat to cybersecurity. Rick Howard wraps up cybersecurity canon week with guests Richard Clarke and Robert Knake, authors of The Fifth Domain. And there’s another unsecured Amazon S3 bucket, and this exposure could present a serious risk to some people who already have trouble enough. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/124 - More info on the #Sharethemicincyber event. - Camille Stewart's essay on systemic racism in cyber.
This is an extended interview of our conversation with Camille Stewart and Lauren Zabierek originally aired in our daily podcast 06/26/2020. In response to anti-black racism and the deaths of countless black people, the country and the world are standing up against systemic racism in response. Many in the cybersecurity community have been searching for ways to amplify the voices of black and brown practitioners in the national security/foreign policy space. Inspired by the ShareTheMic campaign on Instagram, Camille Stewart (@CamilleEsq on Twitter) and Lauren Zabierek (@LZXDC on Twitter) have teamed up to launch the ShareTheMicInCyber Twitter campaign. On June 26, 2020, prominent members of the cybersecurity community will spend the day tweeting about a Black cybersecurity practitioner. More info on Sharethemicincyber Camille Stewart's essay
Ambassador Bonnie Jenkins, founder and president of the Women of Color Advancing Peace, Security and Conflict Transformation (WCAPS), joins Press the Button for a discussion on her work and why the current moment of protest and awareness sweeping the country only underscores the need for systemic change. Ambassador Jenkins recently joined the Ploughshares Fund board of directors. Early Warning features Camille Stewart of New America and our senior program officer/nuclear field coordinator John Carl Baker on the ongoing protests against police brutality and the deterioration of inter-Korea relations.
I sit down with Ms. Camille Stewart and talk about her many projects, life as an attorney and techie, and old fashioneds
From hacked emails to questionable election results, Cybersecurity is often looked at as something outside of our control. Our Cyberhero, Tech policy expert, and advocate of digital smarts, Camille Stewart, shares every day cyber tips to protect users and the country. We talk about the basics of cybersecurity (the players, the issues, and challenges), her #EveryDayCyber campaign, and tech policies that impact our lives and issues like national security. --- Send in a voice message: https://anchor.fm/whatintheworld/message
While visions of sugar plums might be dancing in children’s heads as we close out 2019, the 2020 elections are occupying the head space of many adults in the U.S. In 2016, the importance of election security was made crystal clear. What’s happened since then? Are we ready for 2020? How do experts believe our defenses will hold up when tested by foreign and even domestic attacks?We spent an hour exploring election security (and more) with Camille Stewart, a cyber security attorney with experience working inside tech companies as well as considerable time spent on Capitol Hill in both the Department of Homeland Security and as a consultant. Camille breaks down the major aspects of election security and we discuss why it’s seemingly so fractured across municipalities-- and why that may not be such a bad thing after all. Jack, Dave and Camille debate how election defenses might be improved, from the role of open source and private services to “defending forward” by taking out troll farms. While Camille declined to grade our readiness for the attacks in 2020 (which have already begun), Camille does make predictions about what will happen during the ‘20 elections, including the likelihood of domestic influence campaigns.Our ~75 minute conversation with Camille showcases the breadth of her experience in both the Silicon Valley and Washington D.C. She explains lessons learned from her time protecting brands at Cyveillance, breaking down the optimal way to get a social media company’s attention when you’d like to have something changed or removed. Camille also explains how State security might be modeled after progressive smaller countries who excel in cyber, leaning on her time working in foreign relations during the Obama Administration. We wrap up with her recent investigation and resulting paper on how foreign nations, especially China, have been leveraging U.S. bankruptcy proceedings to acquire large amounts of American intellectual property on the cheap.
There’s a lot of information out there about health care in the U.S., but what about Canada? Is it actually free? What isn’t covered by our government? And does it make sense to get private health insurance? I sit down with Camille Stewart, Vice President of Strategy and Digital Experience at Manulife Canada, to discuss all of this and more. Camille became interested in working in insurance because of a personal family experience that she shares in this episode. Ever since then, she’s felt a deep passion for educating others about how to properly protect themselves in terms of their health. For more helpful resources on health care in Canada and health insurance in Canada, check out the show notes for this episode. Visit jessicamoorhouse.com/contests to enter to win a copy of one of the books featured on this season of the podcast! For full episode show notes visit https://jessicamoorhouse.com/217
Camille Stewart talks about a little-known national security risk: China's propensity to acquire U.S. technology through the bankruptcy courts and the many ways in which the bankruptcy system isn't set up to combat improper tech transfers. Published by the Journal of National Security Law & Policy, Camille's paper is available here. Camille has enjoyed great success in her young career working with the Transformative Cyber Innovation Lab at the Foundation for Defense of Democracies, as a Cybersecurity Policy Fellow at New America, and as a 2019 Cyber Security Woman of the Year, among other achievements. We talk at the end of the session about life and advancement as an African American woman in cybersecurity. Want to hear more from Camille on this topic? She'll be speaking Friday, Sept. 13, at a lunch event hosted by the Foundation for Defense of Democracies (FDD). She'll be joined by fellow panelists Giovanna Cinelli, Jamil Jaffer and Harvey Rishikof, along with moderator Dr. Samantha Ravich. The event will be livestreamed at www.fdd.org/events. If you would like to learn more about the event, please contact Abigail Barnes at FDD. If you are a member of the press, please direct your inquiries to press@fdd.org. In the News Roundup, Maury Shenk tells us that UK courts have so far resisted a sustained media narrative that all facial recognition tech is inherently evil. Americans seem to agree, Matthew Heiman notes, since a majority trust law enforcement to use it responsibly. Which is more than you can say for Silicon Valley, which only 36 percent of Americans trust with the technology. Mieke Eoyang and I talk about the Department of Homeland Security's plan to use fake identities to view publicly available social media postings and the conflict with social media sites' terms of service. I am unsympathetic, given the need for operational security in conducting such reviews, but we agree that DHS is biting off more than it can chew, especially in languages other than English. But really, DHS, how clueless can you be when your list of social media to be scrutinized includes three-years-dead Vine but not TikTok, which Mieke notes ironically is “what all the kids are using these days.” Maury brings us up to speed on EU plans for the tech sector, which will be familiar to Brits contemplating the EU's plan for them. And speaking of EU hypocrisy and incoherence (we were, weren't we?), Erin Egan of Facebook has written a paper on data portability that deserves more attention, since it's impossible to square the EU's snit over Cambridge Analytica with its sanctifying of the principle of “data portability.” The paper also calls out the Federal Trade Commission for slamming Facebook for Cambridge Analytica while Commissioner Noah Phillips is warning that restrictions on data transfers can be anticompetitive. I promise to invite the commissioner on the podcast again to explore that issue. Well, that was quick: Fraudsters used AI to mimic a CEO's voice—accent, “melody” and all—in an unusual cybercrime case. Anyone can do this now, Maury explains. I tell listeners how to tell whether my voice has been AI-napped in future episodes. In short hits, Mieke and I mock Denmark's appointment of an “ambassador” to Silicon Valley. Way to cut the Valley down to size, Denmark! Maury notes that FinFisher is under investigation for violating EU export control law by selling spyware. Mieke does her best to rebut my suggestion that Silicon Valley's bias is showing in the latest actuarial stat: It turns out that 10 percent of the accounts that President Trump has retweeted have been deplatformed. Matthew and I note that China has been caught hacking several Asian telecomm companies to spy on Uighurs. Of course, if the U.S. had 5,000 citizens fighting for the Islamic State and al-Qaeda, as China claims to have, we'd probably be hacking all the same companies. State attorneys general will launch sweeping and apparently bipartisan antitrust probes into Facebook and Google this week. Good to see Silicon Valley bringing Rs and Ds together at last; who says its business model is social division? Finally, Mieke leaves us uneasy about the online security of our pensions, as hackers steal $4.2 million from one fund via compromised email. Download the 277th Episode (mp3). You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed! As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@steptoe.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of the firm.
For years, technologists wondered why the law can’t keep pace with technology. Instead of waiting for the government to pass a regulation, should we enlist private companies to regulate? However, in a recent interview with privacy and cybersecurity attorney Camille Stewart, she said that laws are built in the same way a lot of technologies are built: in the form of a framework. That way, it leaves room and flexibility so that technology can continue to evolve. While technologists and attorneys continue that debate, the US Federal Trade Commission is hard at work. They recently announced, “If a company chooses to implement some or all of GDPR across their entire operations, and makes promises to U.S. consumers about their specific practices,” they must live up to those commitments, otherwise the FTC could initiate an enforcement action if the company does not comply with” the EU data protection promises for U.S. customers. Other articles discussed: Why your brain never runs out of problems to find A bug in Samsung’s default texting app AZ and CA’s breach notification law Tech’s ‘Dirty Secret’: The App Developers Sifting Through Your Gmail Tool of the week: Apfell Panelists: Cindy Ng, Mike Buckbee, Forrest Temple, Kris Keyser
We continue our conversation with cyber and tech attorney Camille Stewart on discerning one's appetite for risk. In other words, how much information are you willing to share online in exchange for something free? It's a loaded question and Camille takes us through the lines of questioning one would take when taking a fun quiz or survey online. As always, there are no easy answers or shortcuts to achieving the state of privacy savvy nirvana. What's also risky is that we shouldn't connect laws made in the physical world to cyberspace. Camille warns: if we start making comparisons because at face value, the connection appears to be similar, but in reality isn't, we may set up ourselves up to truly stifle innovation. Choosing Convenience over Privacy Camille Stewart Hi, I'm Camille Stewart. I'm a cyber and technology attorney. I am currently at Deloitte working on cyber risk and innovation issues, so identifying emerging technologies for the firm to work with. Prior to that, I was a senior policy advisor at the Department of Homeland Security working on cyber infrastructure regarding to foreign policy in the Office of Policy. I was an appointee in the Obama Administration. And then prior to that I was in-house at a cybersecurity company. So I've worked in both the public sector and the private sector on cyber issues. Cindy Ng Thanks, Camille. Can you talk a little bit about privacy conceptually? Everybody wants privacy, it seems like a good thing, but why aren't people picking privacy over convenience? Convenience, yes, it's easy but what about privacy is not getting through to people? Camille Stewart I don't think people are looking at the long-term ramifications, right? I know very recently we had the genetic testing case that helped lead to a killer, which is wonderful in that specific instance. But I doubt that anybody who sends in their genetic information, had it tested and figured out their heritage has thought about how that data might be used otherwise, has read the disclaimer that tells you how your data will be used whether it's for research, whether it will be used by the police, whether it will be used to create new things. And if anybody remembers Henrietta Lacks, her data was used to create all of these things that are very wonderful but she never got any compensation for it. Not knowing how your information is used takes away all of your control, right? And a world where your data is commoditized and it has a value, you should be in control of the value of your data. And whether it's as simple as we're giving away our right to choose how and when we disburse our information and/or privacy that leads us to security implications, those things are important. For example, you don't care that there's information pooled and aggregated from a number of different places about you because you've posted it freely or because you traded it for a service that's very convenient until the moment when you realize that because you took the quiz and let this information out or because you didn't care that your address was posted on like a Spokeo site or something else, you didn't realize that all of the questions to your banking security information are now all easily searched on the internet and probably being aggregated by some random organization. So somebody could easily take and say, "Oh, what's your mother's maiden name? Okay. And what city do you live in? Okay. And what high school did you go to? Okay." And those are three pieces of information that maybe you didn't post in the same place but you posted and didn't care because you traded it for something or you posted it and you didn't think it through and now they can aggregate it because you use those two things for everything and now someone has access to your bank account, they've got access to your email, they've got access to all of these things that are really important to you and your privacy has now translated into your security. Cindy Ng I was just talking to my coworkers about this that it doesn't come naturally to know not to answer these questions because you can online somewhere and let's say you’re a part of a community you trust and you answer these innocuous questions and then you won't necessarily have the foresight to know that it's gonna come back and hurt you. How did you come up with the reasoning behind, "Oh, I probably shouldn't answer those questions?" Because you kinda have to be a little skillful and have a bit of foresight or some knowledge to even think in the way that you do. Camille Stewart No, you're right, there is a level of savvy that has to happen for you to think that way and a level of, like you said, foresight or a level of reaction, right? Most people aren't thinking that way because they knew it before it happened but now that the information's out there, they're taking action. And I think there are a lot of people who are neglecting that. So we all, just like organizations, just have to press it, have to make this vision become their appetite for risk. We as individuals have to do the same. And so if you are willing to risk because you think either, "They won't look for me," or, "I'm willing to take the hits because my bank will reimburse me," or whatever the decision which you are making, I want you to be informed. I'm not telling you what your risk calculus is but I wanna encourage people to understand how information can be used, understand what they're putting out there and make decisions accordingly. So your answer to that might be like "Look, I don't wanna give up taking Facebook for this or sharing information in a community that I trust on some social site but what I will do is have a set of answers that I don't share with anyone to those normal questions that they use for password reset that are wrong but only I know the fake answers that I'm using for them." So instead of your actual mother's maiden name, you're using something else and you've decided that that's one of the ways that you will protect yourself because you really wanna still use these other tools and that might be the way you protect yourself. So I challenge people not to give up the things that they love, like I mean, I would assess whether or not certain things are worth the risk, right? Like a quiz on Facebook that makes you provide data to an external third party that you're not really sure of how they're using it, not likely worth it. But the quizzes where you can just kinda take them, that might be worth it. I mean, the answers you provide for those questions still are revealing about you but maybe not in a way that's super impactful. Maybe in a way that's likely just for marketing and if you're okay with that, then take that or you go resilient the other way. Artificial Intelligence and Legal Protections Cindy Ng I wanna talk about an article that an attorney wrote, Tiffany Li, she wrote about how AI will someday eclipse the intelligence of the human and whether or not AI will have legal protections and then she juxtaposed it with the case with the monkey and how a monkey took a photographer's camera and took a selfie and there was a lawsuit with how we can use the monkey's lawsuit as precedent for future cases such as AI and recently, the monkey lost the lawsuit. Not the monkey but PETA. I just wanna hear from your perspective, as a lawyer, how to think about it moving forward. Camille Stewart I mean, it remains to be seen how things like AI will translate, especially in terms of creative spaces. It will be hard to determine ownership if a machine creates a work. And I mean, they'll come down to a final decision. We'll have to decide that things that are created by a machine and solely by a machine, right, like if there are human's input we might make one decision versus if it's solely created by a machine, we might say that that is in the public sphere and anybody can use it and is not as anything that has any kinda attributable protection. Versus if there is human input, we would decide that that is something that they can then own the production of, right, because they contributed to the making of whatever the end product is. It's hard to speculate but there will have to be a line drawn and it's likely somewhere in there, right? The sense that there is enough human interjection, whether that is from the input from whatever creative process is happening by the machine or in the creation of the process or program or software that is being used and then spit out some creation on the end, there will have to be a law or I guess at least case law that kinda dictates where that line is drawn. But those will be the things that's fun, right? Tiffany, and other lawyers like myself, I think those are the things that we enjoy most about the space is that stuff is unclear. And as these things roll out you get to make connections with the monkey case and AI and with other things that have already happened and new processes, new tech, new innovations and try to help draw those lines. Cindy Ng Is there anything we need to look out for that we're not aware of? Or certain connections that are sorta in the legal space that people in the tech space aren't aware of? Camille Stewart So I was gonna say, I don't actually think it is safe to on a broad scale without some level of assessment, connect laws made in accordance with the physical world to cyberspace, I think it's dangerous, because usually they're not one for one. It is the place where most people start because it's the easiest proposition to compare something that we've seen before with something in cyber. But they don't always compare or don't always compare in the way that we would think that they would. And so it's dangerous to make those comparisons without some level of assessment. And so I would tell people to challenge those assessments when you hear them and try to poke holes in them, because bad facts make for bad law. And if we take the easy route and just start making comparisons because on their face they seem similar, we may set up ourselves up to truly stifle innovation, which is exactly what we're trying to prevent. Cindy Ng Can you provide us with an example of why it's dangerous, because it feels like the natural thing to do? Camille Stewart No, you're right, it does feel natural. I'm trying to think of something...I'm thinking more along the lines of likening something physical to something cyber. So let's think about borders, right? So borders in a physical sense are very clear limitations of authority and operation. You can't cross a physical border without being able to use a passport, a Visa, things like that and they can control physical entry and exit at a border, a different country can. That is not the same as cyber-based. And to liken the two in the way that you use rules is not smart, right? It's your first inclination to wanna try to stop data flow at the edge of a country, at the edge of some imaginary border, but it is not realistic because the internet by its very nature is global and interconnected and, you know, traverses the world freely and you can't really stop things on that line, which is why things like GDPR are important for organizations across the world because as a company that has a global reach because you're on the internet, you will be affected by how laws are created in different localities. So that's a very big example but it happens in very discreet ways too when it comes to technology, cyberspace, and physical laws. Or the physical space and laws that are operated in that way and so I would challenge people that when you hear people make a one for one connection very easily without some level of assessment to try to question that to make sure it really is the best way to adapt some things to the given situation. The reason for example, Tiffany's likening of AI to this monkey case, it's an easy connection to make because in your head you think, "Well, the monkey is not human, they made a thing, and if they can't own the thing then when you do that online and a machine makes a thing, they can't own a thing." But it very well may not be the same analysis that needs to be made in setting, right? The lines may become very different because none of us could create a monkey. So if I can't create a monkey, then it's harder to control the output of that monkey. But I could very well create a machine that could then create an output and shouldn't I be the owner of that output if I created the machine that then created the output? Cindy Ng Mm-hmm. Camille Stewart But that was my point is that likening things that on their face being the same, the lines therein might be different or they just might be different altogether because cyberspace and the physical space are not a one for one.
Many want the law to keep pace with technology, but what's taking so long? A simple search online and you'll find a multitude of reasons why the law is slow to catch up with technology - lawyers are risk averse, the legal world is intentionally slow and also late adopters of technology. Can this all be true? Or simply heresy? I wanted to hear from an expert who has experience in the private and public sector. That's why I sought out the expertise of Camille Stewart, a cyber and technology attorney. In part one of our interview, we talk about the tension between law and tech. And as it turns out, laws are built in the same way a lot of technologies are built: in the form of a framework. That way, it leaves room and flexibility so that technology can continue to evolve. Frameworks Reign in Law and Tech Camille Stewart Hi, I am Camille Stewart. I'm a cyber and technology attorney. I'm currently at Deloitte working on cyber risk and innovation issues, so identifying emerging technologies for the firm to work with. Prior to that, I was a Senior Policy Advisor at the Department of Homeland Security working on cyber infrastructure, and foreign policy in the office of policy. I was an appointee of the Obama administration. And then prior to that, I was in-house at a cybersecurity company. I worked in both the public sector and the private sector on cyber issues. Cindy Ng Today, we're gonna be talking about the tension between law and technology, where a law takes a lot of time and inquiry to create something that makes sense and hopefully is impactful for years to come, whereas technology, it's really about ideation and creating and bringing product and service to market as quickly as possible. Tech people, they want law to catch up with technology. Lawyers wished tech people would understand the law a little bit more. And some have even criticized that the law doesn't move as quickly as technology, and you have a lot of experience both as a cybersecurity attorney in Washington and in the private sector. And I'm wondering if there's a deeper divide between the two entities, and I'm wondering if you can share your experience with us in working with lawmakers as well as your experience in the private sector. Camille Stewart Yeah, so, I mean, I think one misconception is you don't want the law to keep pace with innovation. There's no way for you to legislate for future occurrences and for the ideation and innovation we've talked about. You want the law to leave room and flexibility so that technology can continue to evolve. And so that's kind of what has to happen. It's frustrating that there are no legal recourses when an issue comes up, but you almost have to test those boundaries to figure out a framework to fit your bill to address issues that are coming. So even the laws that we do build tend to be framework because we need to leave room for that innovation and ideation. And part of the tension between technology communities and lawyers and technology communities and the general public or the government is trust. So technologists don't trust the government with the information that they have, and the government wants to build that trust desperately so that we can leverage the resources that are at the disposal of both. You know, the government has a lot of insight and intelligence that they can layer over the tools and capabilities in the private sector, and if they came together, it's great, but there's this base level of trust and understanding of what each is trying to do that if we could bridge that gap, so much more could be done. Cindy Ng Is there a think tank or a non-profit or some kind of institution that can bridge that gap that you've seen develop over the past few years? Camille Stewart Yeah, so there are a number that are working on this, whether it's issue-specific, right, "So let's talk about surveillance and bringing people together around that." "Let's talk about a given issue and discuss that." Also the government is trying that. Organizations like DHS that work with the private sector quite a bit are trying to build those bridges and find ways to share information in a way that's valuable to both the private sector and the government through things like AIS, the Automated Indicator Sharing system. And it's gonna be a slow process. Those trusts are bolted tight. Private sector has coalesced together to build trust circles with their peers and people that they know doing work that they understand, and they're sharing information that way. And those mechanisms have become pretty robust and helpful, but the government has to be able to be a part of that for us to really complete the picture, and that's the work that's being done, some through non-profit organizations, NGOs, but also through the government and the private sector starting to get into a room. And then, as people move back and forth across lines, right, traditionally people were govies for life, or they were in the private sector. Now there's more movement back and forth, and that'll help build the trust as well. Bridging the Gap between Law and Tech Cindy Ng What would you say to lawyers who need to understand technology and technologists that need to understand the law? Camille Stewart I would say at a base level, do the work to understand the content. Lawyers need to take the time to understand the technology, to ask the questions, understand what the end goal is, and understanding what the technologist is building and for what end user. And the nice thing is that a lawyer is likely the end user of many of the products that they're speaking to understand, so they can easily understand that perspective. And then do the to work to understand how we got there, how the technologists built that. And then technologists, on the other hand, need to be willing to have those conversations and those explanations and understand that lawyering of the past, there was the perception that lawyers were just gonna say no. Right? They're risk averse, they aren't gonna let you ideate and innovate, they're just gonna shut it down. And that's not really true. My job as a lawyer and the jobs of lawyers at companies today, especially if they deal with technology and cyber issues, is to lay out the risk, understand the organization’s risk calculus, and to put the information in front of leadership so that they can make an informed decision and then help to build a cast-forward that calculates those risks, that mitigates those risks to the best of their ability and be ready to support the company in what they've done. So, with that base level understanding and the willingness to do the work to understand, lawyers can be great assets to technologists because they can be translators, different communities, as well as the company builds out and understands what the risk posture is. It's important to have all key stakeholders as part of that discussion, and lawyers are definitely part of that group. Cindy Ng So you talk about trust and doing your homework having a baseline knowledge of the other's concepts and principles. What have you seen in your work that has worked that you've seen others reach over the aisle, and are you able to provide an example? And also, what doesn't work? Camille Stewart I think the biggest catalyst for change is that things happen, right? So, a breach occurs, and you watch this organization scramble to figure out how to right itself after this big occurrence and realizing that the stakeholders that you were encouraged to have in the room initially were essential when this thing exploded. And had you accounted for more perspective on the front end in a proactive way, it would have mitigated some of the risk on the back end or you would have been able to right yourself more quickly. And so I think watching that occur has started a number of organizations and built a number of frameworks to help organizations get the right people in the room and encourage people to do the work to figure out where different players fall in the conversations that they're having as an organization about how the security is evolving and how technology will be used and integrated in the organization. But I think that outside factors in this area of law and cyberspace evolving has done a lot of the work to encourage the collaboration that's needed.
Happy New Year! Inaugural fellow Camille Stewart joins us to talk “responsible” encryption policy in the Trump administration as well as her new podcast, Hustle Over Entitlement. We talk about her journey, from drafting contracts as a child to negotiating national security policies with the Five Eyes. We’re beyond thrilled to start the year […]
Camille Stewart is a senior consultant with Deloitte & Touche LLP's cyber risk services practice focused on cyber, privacy, and identifying emerging technologies to bring to market. As a cyber, technology, and intellectual property attorney, Camille brings specialized, crosscutting perspective to bear on complex technology, cyber, and national security issues. She served as the Senior Policy Advisor for Cyber Infrastructure & Resilience Policy at the Department of Homeland Security in the Obama Administration. Prior to working at DHS, Camille spent five years as the Senior Manager, Legal Affairs at Cyveillance, Inc. She also founded a legal consultancy and startup incubator, MarqueLaw, PLLC. Camille is an Inaugural Internet Law and Policy Foundry Fellow, a Truman National Security Fellow, a Council on Foreign Relations Term Member, and is the Chair of the of Women in Technology's Young Professionals. Camille recently launched the Hustle Over Entitlement Podcast where she and her co-host tell stories of trailblazers and risk takers. Subscribe. Listen & Share. www.HustleOverEntitlement.com. You can find out more about Camille and her current projects at www.CamilleStewart.com or follow her on Twitter @CamilleEsq
Camille Stewart