Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy (2010)

Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

Appendix D Biosketches of Committee and Staff COMMITTEE MEMbERS John D. Steinbruner is a professor of public policy at the School of Public Policy at the University of Maryland and director of the Center for International and Security Studies at Maryland (CISSM). His work has focused on issues of international security and related problems of international policy. Dr. Steinbruner was director of the Foreign Policy Studies Program at the Brookings Institution from 1978 to 1996. Prior to joining Brookings, he was an associate professor in the School of Organization and Manage- ment and in the Department of Political Science at Yale University from 1976 to 1978. From 1973 to 1976, he served as associate professor of public policy at the John F. Kennedy School of Government at Harvard University, where he also was assistant director of the Program for Science and International Affairs. He was an assistant professor of government at Harvard from 1969 to 1973 and an assistant professor of political science at the Massachusetts Institute of Technology from 1968 to 1969. Dr. Steinbruner has authored and edited a number of books and monographs, including the Cybernetic theory of decision: new dimensions of Political Analysis (Princeton University Press, originally published 1974, second paperback edition with new preface, 2002); Principles of global Security (Brookings Institution Press, 2000); and A new Concept of Cooperatie Security, with Ashton B. Carter and William J. Perry (Brookings Occasional Papers, 1992). His articles have appeared in Arms Control today, the Brookings Reiew, dædalus, Foreign Affairs, Foreign Policy, international Security, Scientific American, washington Quarterly, and other journals. Dr. Steinbruner is currently co-chair of the Committee on International Security Studies of the Ameri - can Academy of Arts and Sciences, chairman of the board of the Arms Control Association, and board member of the Financial Services Volunteer Corps. He is a fellow of the American Academy of Arts and Sciences and a member of the Council on Foreign Relations. From 1981 to 2004 he was a member of the Committee on International Security and Arms Control of the National Academy of Sciences, serving as vice chair from 1996 to 2004. He was a member of the Defense Policy Board of the Department of Defense from 1993 to 1997. Dr. Steinbruner received his A.B. from Stanford University in 1963 and his Ph.D. in political science from the Massachusetts Institute of Technology in 1968. Steven M. bellovin is a professor of computer science at Columbia University, where he does research on networks, security, and especially why the two don’t get along. He joined the faculty in 2005 after many years at Bell Labs and AT&T Labs Research, where he was an AT&T fellow. He received a B.A.  

 PRoCEEdingS oF A woRkSHoP on dEtERRing CYBERAttACkS from Columbia University and an M.S. and a Ph.D. in computer science from the University of North Carolina at Chapel Hill. While a graduate student, he helped create Netnews; for this, he and the other perpetrators were given the 1995 Usenix Lifetime Achievement Award (The Flame). He is a member of the National Academy of Engineering and is serving on the Computer Science and Telecommunica - tions Board of the National Academies, the Department of Homeland Security’s Science and Technology Advisory Committee, and the Technical Guidelines Development Committee of the Election Assistance Commission. He has also received the 2007 NIST/NSA National Computer Systems Security Award. Dr. Bellovin is the co-author of Firewalls and internet Security: Repelling the wily Hacker, and he holds a number patents on cryptographic and network protocols. He has served on many National Research Council (NRC) study committees, including those on information systems trustworthiness, the privacy implications of authentication technologies, and cyber security research needs. He was also a member of the information technology subcommittee of an NRC study group on science versus terrorism. He was a member of the Internet Architecture Board from 1996 to 2002, and he was co-director of the Security Area of the IETF from 2002 through 2004. Stephen Dycus has been a member of the faculty at Vermont Law School since 1976. He teaches national security law, public international law, estates, property, and water law. Professor Dycus is the lead author of two casebooks, national Security law (4th ed., 2007) and Counterterrorism law (2007) and the author of national defense and the Enironment (1996). He was a founding co-editor in chief of the Jour- nal of national Security law & Policy. He was also founding chair of the National Security Law Section, Association of American Law Schools. Professor Dycus earned B.A. and LLB degrees from Southern Methodist University and an LLM degree from Harvard University. He was a visiting scholar at the University of California, Berkeley’s Boalt Hall School of Law in 1983-1984 and the Natural Resources Defense Council in Washington, D.C., in 1991. He was a visiting professor at the U.S. Military Academy at West Point in 1991-1992 and at Petrozavodsk State University in Karelia, Russia, in 1997. Professor Dycus is a member of the American Law Institute. Sue Eckert has spent her career in the policy arena focusing on issues at the intersection of international security and political economy. As a senior fellow at the Watson Institute for International Studies at Brown University, her research concentrates on making UN sanctions more effective through targeting and combating the financing of terrorism and strengthening private-sector cooperation in critical infra - structure protection. At the Institute of International Economics in Washington, D.C., she coauthored a policy primer on global electronic commerce. From 1993 to 1997, Ms. Eckert was appointed by the President and confirmed by the Senate as assistant secretary of commerce for export administration, responsible for U.S. dual-use export control policy and defense industrial base programs. Previously, she served on the professional staff of the U.S. House of Representatives’ Committee on Foreign Affairs, where she oversaw technology transfer, international trade, and national security/nonproliferation issues. In addition, she has worked extensively with UN entities, as well as business groups, and she has served on numerous working groups and committees addressing security and technology issues, including the Resource Group advising the UN’s High-Level Panel on Threats, Challenges, and Change, established by then-Secretary-General Kofi Annan, the Club of Madrid’s International Summit on Democracy, Terrorism, and Security, and the NRC Committee on the Science, Technology, and Health Aspects of the Foreign Policy Agenda of the United States. Jack L. goldsmith III has been a professor of law at Harvard Law School since 2004. From 2003 to 2004 he was the assistant attorney general of the U.S. Department of Justice’s Office of Legal Counsel. He was a professor of law at the University of Virginia Law School from 2003 to 2004. He previously served on the faculty of the University of Chicago Law School as an associate professor from 1994 to 1997 and was special counsel to the general counsel in the Department of Defense. Mr. Goldsmith received his B.A. in philosophy summa cum laude from Washington and Lee University in 1984, a B.A. in philosophy, 

 APPEndiX d politics, and economics with first class honors from Oxford University in 1986, a J.D. from Yale Law School in 1989, and a diploma in private international law from The Hague Academy of International Law in 1992. After law school he clerked for Judge J. Harvie Wilkinson of the U.S. Court of Appeals for the Fourth Circuit, Justice Anthony M. Kennedy of the Supreme Court of the United States, and Judge George A. Aldrich of the Iran-U.S. Claims Tribunal. He also previously has served as an associate at Covington & Burling. Mr. Goldsmith’s scholarly interests include international law, foreign relations law, national security law, conflict of laws, and civil procedure. Mr. Goldsmith served on the NRC Com - mittee on Offensive Information Warfare. Robert Jervis is the Adlai E. Stevenson Professor of International Politics at Columbia University. His most recent book is why intelligence Fails: lessons from the iranian Reolution and the iraq war (Cornell University Press, 2010). His book System Effects: Complexity in Political life (Princeton University Press, 1997) was a co-winner of the APSA’s Psychology Section Best Book Award, and the meaning of the nuclear Reolution (Cornell University Press, 1989) won the Grawemeyer Award for Ideas Improving World Order. He is also the author of Perception and misperception in international Politics (Princeton University Press, 1976), the logic of images in international Relations (Princeton University Press, 1970; 2d ed., Colum- bia University Press, 1989), the illogic of American nuclear Strategy (Cornell University Press, 1984), and American Foreign Policy in a new Era (Routledge, 2005). He was president of the APSA in 2000-2001 and has received career achievement awards from the International Society of Political Psychology and ISA’s Security Studies Section. In 2006 he received the National Academy of Sciences’ tri-annual award for behavioral sciences contributions to avoiding nuclear war. He was a Guggenheim Fellow in 1978-1979 and is a fellow of the American Association for the Advancement of Science and the American Academy of Arts and Sciences. He chairs the Historical Review Panel for the Central Intelligence Agency (CIA) and is a National Intelligence Council associate. His current research problems include the nature of beliefs, IR theory and the Cold War, and the links between signaling and perception. Jan M. Lodal is the immediate past president of the Atlantic Council of the United States and chair of Lodal and Company. Previously, he served as principal deputy under secretary of defense for policy, where he had significant responsibilities for cyber security, and as a senior staff member of the National Security Council. He was founder, chair, and CEO of Intelus Inc. and co-founder of American Manage - ment Systems, Inc. During the Nixon and Ford administrations, Mr. Lodal served on the White House staff as deputy for program analysis to Henry A. Kissinger, and during the Johnson administration as director of the NATO and General Purpose Force Analysis Division in the Office of the Secretary of Defense. Mr. Lodal is a member of the board of overseers of the Curtis Institute of Music, a trustee of the American Boychoir, and a member of the Council on Foreign Relations and the International Institute of Strategic Studies. He was previously executive director of the Aspen Strategy Group and president of Group Health Association. He is the author of numerous articles on public policy, arms control, and defense policy, and of the Price of dominance: the new weapons of mass destruction and their Challenge to American leadership. Mr. Lodal is the recipient of Rice University’s Distinguished Alumnus Award for Public Service and Achievement in Business and was twice awarded the Department of Defense Medal for Distinguished Public Service, the Department’s highest civilian honor. Philip venables is a managing director and chief information risk officer for Goldman Sachs. He leads the Information Security, Technology Risk and Business Continuity Programs. He is part of the Technol - ogy Infrastructure Management Team, co-chairs the Business Resilience Committee, and is a member of the Operational Risk Committee. Prior to joining the firm, Mr. Venables was chief information security officer at Deutsche Bank. He also functioned as the global head of technology risk management for Standard Chartered Bank, and he served in various technology and network management positions at Barclays Bank. He is a member of the BITS/FISAP Advisory Council and serves on the Committee of the U.S. Financial Sector Security Coordinating Council. Mr. Venables is on the board of referees of the 

 PRoCEEdingS oF A woRkSHoP on dEtERRing CYBERAttACkS journal Computers and Security, the board of directors for the Center for Internet Security, and the advisory board of the London School of Economics Information Systems Integrity Group. Mr. Venables earned a B.Sc. (Hons.) in computer science from York University in the United Kingdom in 1989 and an M.Sc. in computation and cryptography from the Queen’s College at Oxford University in 1990. Additionally, Mr. Venables was awarded the designation of chartered engineer in 1995 and chartered scientist in 2002. In 2005, he was elected a fellow of the British Computer Society. STAFF Herbert S. Lin, study director, is chief scientist for the National Research Council’s Computer Sci - ence and Telecommunications Board, where he has been a study director for major projects on public policy and information technology. These studies include a 1996 study on national cryptography policy (Cryptography’s Role in Securing the information Society), a 1999 study of Defense Department systems for command, control, communications, computing, and intelligence ( Realizing the Potential of Ci: Fun- damental Challenges), a 2000 study on workforce issues in high-technology (Building a workforce for the information Economy), a 2004 study on aspects of the FBI’s information technology modernization pro - gram (A Reiew of the FBi’s trilogy it modernization Program), a 2005 study on electronic voting (Asking the Right Questions About Electronic voting), a 2005 study on computational biology (Catalyzing inquiry at the interface of Computing and Biology), a 2007 study on privacy and information technology (Engag- ing Priacy and information technology in a digital Age), a 2007 study on cyber security research (toward a Safer and more Secure Cyberspace), a 2009 study on health care information technology (Computational technology for Effectie Health Care), and a 2009 study on U.S. cyber attack policy (technology, Policy, law, and Ethics Regarding Acquisition and Use of U.S. Cyberattack Capabilities ). Before his NRC service, he was a professional staff member and staff scientist for the House Armed Services Committee (1986-1990), where his portfolio included defense policy and arms control issues. He received his doctorate in phys - ics from the Massachusetts Institute of Technology. Tom Arrison is a senior staff officer in the Policy and Global Affairs Division of the National Academies. He joined the National Academies in 1990 and has directed a range of studies and other projects in areas such as international science and technology relations, innovation, information technology, higher education, and strengthening the U.S. research enterprise. He holds M.A. degrees in public policy and Asian studies from the University of Michigan. gin bacon Talati is an associate program officer for the Computer Science and Telecommunications Board of the National Research Council. She formerly served as a program associate with the Frontiers of Engineering program at the National Academy of Engineering. Prior to her work at the Academies, she served as a senior project assistant in education technology at the National School Boards Associa - tion. She has a B.S. in science, technology, and culture from the Georgia Institute of Technology and an M.P.P. from George Mason University with a focus in science and technology policy.