Herbert Lin

Hank J. Holland Fellow in Cyber Policy and Security, Hoover Institution

Herb Lin is a senior research scholar for cyber policy and security at the Center for International Security and Cooperation and the Hank J. Holland Fellow in cyber policy and security at the Hoover Institution, both at Stanford University.  His research interests concern the policy-related dimensions of cybersecurity and cyberspace; he is particularly interested in and knowledgeable about the use of offensive operations in cyberspace, especially as instruments of national policy.  In addition to his positions at Stanford University, he is chief scientist emeritus for the Computer Science and Telecommunications Board, at the National Research Council (NRC) of the National Academies, where he served from 1990 through 2014 as study director of major projects on public policy and information technology, and adjunct senior research scholar and senior fellow in cybersecurity (not in residence) at the Saltzman Institute for War and Peace Studies in the School for International and Public Affairs at Columbia University. Before his NRC service, he was a professional staff member and staff scientist for the House Armed Services Committee (1986–90), where his portfolio included defense policy and arms control issues. He received his doctorate in physics from the Massachusetts Institute of Technology.

To read more about Herb Lin's interests, see "An Evolving Research Agenda in Cyber Policy and Security."

He is also a longtime folk and swing dancer and a poor magician. Apart from his work on cyberspace and cybersecurity, he has published on cognitive science, science education, biophysics, and arms control and defense policy. He also consults on K–12 math and science education.

Filter By:



Recent Commentary

Analysis and Commentary

What Is Absent From The U.S. Cyber Command 'Vision'

by Herbert Lin, Max Smeetsvia Lawfare
Thursday, May 3, 2018

United States Cyber Command recently released a new “command vision” entitled “Achieve and Maintain Cyberspace Superiority.” The document seeks to provide: “a roadmap for USCYBERCOM to achieve and maintain superiority in cyberspace as we direct, synchronize, and coordinate cyberspace planning and operations to defend and advance national interests in collaboration with domestic and foreign partners.”

Blank Section (Placeholder)

Unleashing the High-tech Dogs of War

by Herbert Linvia Hoover Digest
Friday, April 20, 2018

Artificial intelligence will bring deadlier, smarter weapons. And the command structures that deploy them are likely to possess fewer scruples about harming civilians.

Analysis and Commentary

The Danger Of Deep Fakes: Responding To Bobby Chesney And Danielle Citron

by Herbert Linvia Lawfare
Tuesday, February 27, 2018

Bobby Chesney and Danielle Citron have painted a truly depressing picture of a future in which faked video and audio cannot be distinguished from the real thing. And I think they are right to be depressed about it, though I want to discuss a possible technological solution that they did not address.

Analysis and Commentary

The East West Institute's New Report On Encryption: A Review

by Herbert Linvia Lawfare
Friday, February 23, 2018

On Feb. 15, 2018, the East West Institute (EWI) released its report “Encryption Policy in Democratic Regimes: Finding Convergent Paths and Balanced Solutions,” which the group presented as offering “normative recommendations on encryption policy to ensure strong cybersecurity while enabling lawful law enforcement access to the plain text of encrypted information in limited circumstances.” 

Blank Section (Placeholder)

Once More unto the Breach

by Herbert Linvia Hoover Digest
Friday, January 26, 2018

Recent thefts of credit data show how little power consumers have over their own information. This has to change. 

Analysis and Commentary

Anything New Under The Sun? Nuclear Responses To Cyberattacks

by Herbert Linvia Lawfare
Friday, January 19, 2018

A recent New York Times story regarding the draft Nuclear Posture Review (NPR) writes that: A newly drafted United States nuclear strategy that has been sent to President Trump for approval would permit the use of nuclear weapons to respond to a wide range of devastating but non-nuclear attacks on American infrastructure, including what current and former government officials described as the most crippling kind of cyberattacks.

Analysis and Commentary

Information Warfare and Cybersecurity Are Different, Related and Important

by Herbert Lin, Paul Rosenzweigvia Lawfare
Wednesday, January 17, 2018

Susan Landau pointed last week to a disagreement between the two of us, saying that current definitions of cybersecurity (such as the HSPD-54 that Herb quoted) are outmoded and a new definition is necessary. We agree with Susan, and as we discussed the matter, we find that we are in fact much more in agreement than disagreement. At least part of Susan’s perception that we disagree is understandably rooted in the titles of our respective pieces.

Analysis and Commentary

Election Hacking, As We Understand It Today, Is Not A Cybersecurity Issue

by Herbert Linvia Lawfare
Friday, January 5, 2018

At a Senate intelligence committee hearing in November on Social Media Influence in the 2016 U.S. Elections, Sen. Dianne Feinstein said about Russian interference in the 2016 election, “What we're talking about is a cataclysmic change. What we're talking about is the beginning of cyber warfare.”

Blank Section (Placeholder)

New Weapons, New Shields

by Herbert Linvia Hoover Digest
Monday, October 23, 2017

Emerging trends in the battle to secure our digital frontiers. 

Analysis and Commentary

The Real Threat From Kaspersky Security Software

by Herbert Linvia Lawfare
Thursday, October 12, 2017

The Washington Post and the Wall Street Journal report that Russian government hackers obtained details of U.S. cyber capabilities from the personal computer of a National Security Agency employee who had taken classified material home. He was running Kaspersky antivirus software. Apparently, the compromised secrets could enable the Russian government to thwart U.S. cyber operations, both defensive and offensive.