Herbert Lin

Hank J. Holland Fellow in Cyber Policy and Security, Hoover Institution
Biography: 

Dr. Herb Lin is Hank J. Holland Fellow in Cyber Policy and Security at the Hoover Institution and senior research scholar for cyber policy and security at the Center for International Security and Cooperation, both at Stanford University.  His research interests relate broadly to policy-related dimensions of cybersecurity and cyberspace, and he is particularly interested in the use of offensive operations in cyberspace as instruments of national policy and in the security dimensions of information warfare and influence operations on national security.  In addition to his positions at Stanford University, he is Chief Scientist, Emeritus for the Computer Science and Telecommunications Board, National Research Council (NRC) of the National Academies, where he served from 1990 through 2014 as study director of major projects on public policy and information technology, and Adjunct Senior Research Scholar and Senior Fellow in Cybersecurity (not in residence) at the Saltzman Institute for War and Peace Studies in the School for International and Public Affairs at Columbia University; and a member of the Science and Security Board of the Bulletin of Atomic Scientists.  In 2016, he served on President Obama’s Commission on Enhancing National Cybersecurity.  Prior to his NRC service, he was a professional staff member and staff scientist for the House Armed Services Committee (1986-1990), where his portfolio included defense policy and arms control issues. He received his doctorate in physics from MIT.

To read more about Herb Lin's interests, see "An Evolving Research Agenda in Cyber Policy and Security."

Avocationally, he is a longtime folk and swing dancer and a lousy magician. Apart from his work on cyberspace and cybersecurity, he is published in cognitive science, science education, biophysics, and arms control and defense policy. He also consults on K-12 math and science education.

Filter By:

Topic

Type

Recent Commentary

Featured

William Barr Says One New And Important Thing That Changes The Policy Debate On Exceptional Access

by Herbert Linvia Lawfare
Tuesday, July 23, 2019

Attorney General William Barr gave a speech on encryption at the International Conference on Cyber Security at Fordham University on July 23 that went over the usual law enforcement arguments for exceptional access.

Blank Section (Placeholder)

Telecom Buyer, Beware

by Herbert Linvia Hoover Digest
Tuesday, July 16, 2019

All telecom technology, not just Huawei’s, presents security risks. And all of those risks are potentially manageable.

Analysis and Commentary

The Existential Threat From Cyber-Enabled Information Warfare

by Herbert Linvia Bulletin of the Atomic Scientists
Friday, June 28, 2019

Corruption of the information ecosystem is not just a multiplier of two long-acknowledged existential threats to the future of humanity – climate change and nuclear weapons. Cyber-enabled information warfare has also become an existential threat in its own right, its increased use posing the possibility of a global information dystopia, in which the pillars of modern democratic self-government – logic, truth, and reality – are shattered, and anti-Enlightenment values undermine civilization as we know it around the world.

Analysis and Commentary

U.S. Cyber Infiltration Of The Russian Electric Grid: Implications For Deterrence

by Herbert Linvia Lawfare
Tuesday, June 18, 2019

The New York Times reported on June 15 that “the United States is stepping up digital incursions into Russia’s electric power grid in a warning to President Vladimir V. Putin.” In particular, the Times reported that the United States has deployed code “inside Russia’s grid and other targets”—that is, “potentially crippling malware inside the Russian system, ... intended partly as a warning, and partly to be poised to conduct cyberstrikes if a major conflict broke out between Washington and Moscow.” The article also noted that this step would represent a major escalation in the ongoing cyber conflict between Moscow and the United States.

Analysis and Commentary

A Method For Establishing Liability For Data Breaches

by Herbert Linvia Lawfare
Tuesday, June 18, 2019

Last month, the First American Financial Corporation—which provides title insurance for millions of Americans—acknowledged a cybersecurity vulnerability that potentially exposed 885 million private financial records related to mortgage deals to unauthorized viewers. These records might have revealed bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and driver’s license images to such viewers. If history is any guide, not much will happen and companies holding sensitive personal information on individuals will have little incentive to improve their cybersecurity postures. Congress needs to act to provide such incentives.

Featured

Offensive Cyber Operations In US National Security

by Amy Zegart, Herbert Lin, Bill Finanvia Brookings Institution
Friday, April 26, 2019

Hoover Institution fellows Amy Zegart and Herb Lin discusses their recent book Bytes, Bombs, and Spies: The Strategic Dimensions of Offensive Cyber Operations.

Analysis and Commentary

On Risk Mitigation And Huawei: A Response

by Herbert Linvia Lawfare
Wednesday, April 24, 2019

Today, Lawfare published an article by Alexei Bulazel, Sophia d’Antoine, Perri Adams and Dave Aitel on “The Risks of Huawei Risk Mitigation” that seemingly disagrees with an earlier piece of mine on the topic. But apart from a bit of snark about my use of the confidentiality-integrity-availability (CIA) triad as a pillar of the security discussion and the definition of risk mitigation, I don’t disagree with anything in their piece and endorse almost all of it.

Analysis and Commentary

Principles Of AI Governance And Ethics Should Apply To All Technologies

by Herbert Linvia Lawfare
Friday, April 12, 2019

Despite Google’s recent dissolution of its artificial intelligence (AI) ethics board, IT vendors (including Google) are increasingly defining principles to guide the development of AI applications and solutions. And it’s worth taking a look at what these principles actually say. Appended to the end of this post are the principles from Google and Microsoft, thoughts from Salesforce.org (closely aligned with Salesforce), and AI principles from three groups not aligned with specific companies.

Featured

Huawei And Managing 5G Risk

by Herbert Linvia Lawfare
Wednesday, April 3, 2019

Based on cybersecurity concerns, the United States, Australia and New Zealand have staked out policy positions that prevent or strongly discourage the acquisition of Huawei 5G technology for use in the national communications infrastructure of these nations. Other U.S. allies have announced or are considering policy positions that do not go so far and would indeed allow such acquisition at least to some extent.

In the News

Doomsday Clock Frozen At Two Minutes To Apocalypse

quoting Herbert Linvia Milbank Monitor
Wednesday, March 27, 2019

The “new abnormal” the world is facing from risks like nuclear war and climate change has led the symbolic Doomsday Clock to be frozen at the closest it has ever been to midnight. The clock, created by the Bulletin of the Atomic Scientists (BAS) in 1947, intends to warn of impending disasters.

Pages