The limits of the military approach to cybersecurity 

At a high-level cyber meeting in Washington, DC a few years back, I listened to a presentation given by a senior military officer on a plan to improve electric grid cybersecurity in the U.S.. Afterwards I asked him: so did you discuss your ideas with any of the state Public Service Commissions?  Answer:  what’s a Public Service Commission?

Just an example of the limits to military approach to securing critical infrastructure.

DHS S&T Awards Nearly $1M to Five Start-Ups for Phase 2 Cybersecurity R&D


The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) recently announced a total of $999,780 in awards to five companies advancing to Phase 2 of the Silicon Valley Innovation Program (SVIP).  The Phase  projects were awarded through the DHS S&T Securing the Internet of Things (IoT), Solicitation.

The five companies receiving Phase 2 awards are: Continue reading

Daffy Duck the Original IoT Ransomware Hype-Master?

For a small price, I can install this little blue button to get you down

–Daffy Duck

You could say Daffy invented Internet of Things hype well before the Internet and in turn the worst of modern security nightmares.  In the immortal animated short Design for Leaving (1954) Daffy stars as the ultimate a fast-talking pushy salesman who installs the Push Button House of Tomorrow at hapless Elmer Fudd’s place (after kicking Elmer out his own home).  Naturally Elmer and his house proceed to suffer from the various “improvements” and at the very end there’s a special blue button to be sold — a 1950’s version of ransomware.

An Overview of the DARPA Research Portfolio 

In her final “all hands” presentation to Agency staff, Former DARPA Director Arati Prabhakar walked through a selection of DARPA research programs, highlighting the Agency’s objectives for the research and its potential impact. Prabhakar described the presentation as “a tour through the work that DARPA is doing in the mid-teen years of the 21st century.” Not every effort discussed will be successful, she said, but in this portfolio are the technologies that will fundamentally recast military capability, change national security outcomes, and reshape how future societies around the world live and work.The meeting took place December 12, 2016, at the DARPA Conference Center in Arlington, Va.

Agency as a Normative Theory of Trust

In this paper my colleague and I describe a theory and model of trust derived from fundamental principles of the law of agency.  This theory could be useful for studying domains where technology complexity is high and human trust is critical including autonomous systems, cybersecurity and technology governance.


To be given the authority to exercise discretion on behalf of another is the hallmark of trust for a human agent. We posit that norms of agency help reduce the risk in deploying agents thus enabling greater trust. We demonstrate that the core principles of legal agency can be formalized into a novel, non-quantitative theory describing trust in agency relationships. Related to this are theories of incentives and contract theory which describe how humans construct systems of norms, rules and laws in the presence of uncertainty and asymmetric information.

The paper outlines key concepts of agency underlying the theory. Specifically the theory is derived from the principles of actual authority found in the Restatement of Agency, Third.

Continue reading