Everyone agrees that the United States has a serious cybersecurity problem. But how to fix it—that's another question entirely. Over the past decade, a consensus has emerged across multiple administrations that NIST—the National Institute of Standards and Technology—is the right body to set cybersecurity standards for both the government and private industry. Alan Rozenshtein, Associate Professor of Law at the University of Minnesota and Senior Editor at Lawfare, spoke with Bryan Choi, who argues that this faith is misplaced. Choi is an associate professor of both law and computer science and engineering at The Ohio State University. He just published a new white paper in Lawfare's ongoing Digital Social Contract paper series exploring NIST's history in setting information technology standards and why that history should make us skeptical that NIST can fulfill the cybersecurity demands that are increasingly being placed on it.

Support this show http://supporter.acast.com/lawfare.

Hosted on Acast. See acast.com/privacy for more information.