Knowledge Repository

Cybersecurity Policy

U.S. policymakers, journalists, academics, and think tanks regularly seek our insight on the state of modern security and how to improve it. They come to us because we have spent the last decade applying a research mentality to real-world cybersecurity problems and the underlying computer science.

Our knowledge goes beyond the technical. Our cultivated contacts and context help us contribute to the formation of policies that advance the security and openness of the Internet. We believe our position as industry leaders obliges us to speak out on these issues, and to promote the proper collection and analysis of information that underpins good policy decisions.

We consult on many topics, including but not limited to:

  • Encryption as used by market leaders like Apple
  • Zerodays, exploit development, and vulnerability disclosure
  • The Vulnerability Equity Process (VEP)
  • Criminal use of malware and botnets
  • Active defense and the Computer Fraud and Abuse Act
  • Cybersecurity workforce development

We advocate for the industry, too. As one of the earliest members of the Coalition for Responsible Cybersecurity, we signed on to the first brief submitted to U.S. Department of Commerce to oppose harmful export control rules for cybersecurity products and services.

To support the next generation of security professionals, we engage with new and upcoming leaders by organizing and participating in student events and competitions.

Contact us for help.

Past Contributions