Rick Aldrich is a senior cyber policy analyst with the Cyber Security and Information Systems Information Analysis Center (CSIAC). He is also a Cyber Security Policy & Compliance Analyst for Booz Allen Hamilton, supporting the Department of Defense (DoD) Chief Information Officer (CIO). He works on cybersecurity, policy, metrics, cyberlaw, and privacy issues. He has been awarded several grants by the Institute for National Security Studies to research the legal and policy implications of cybercrime and cyber warfare. He has multiple publications in this field, including a chapter on information warfare in the widely used textbook, National Security Law. He has presented at several national and international conferences, including most recently a conference at NATO. He was a co-author of DoD’s award-winning CyberLaw 1 computer-based training product and the subsequent CyberLaw 2 product. He led an effort to create DoD Cybersecurity Scorecards that are reported monthly to the Secretary of Defense. Prior to his current position he served as the Deputy Staff Judge Advocate for the Air Force Office of Special Investigations, specializing in the cybercrime and information operations portfolios. He was also recognized as the “Outstanding Professor of Law” at the US Air Force Academy, where he was one of the first in the nation to establish an undergraduate course in Cyberlaw. He has a Bachelor of Science degree in Computer Science from the United States Air Force Academy, a Juris Doctor from UCLA, and a Masters of Law in Intellectual Property Law from the University of Houston. He is licensed to practice before the United States Supreme Court and the Supreme Court of California. He also holds CISSP, CIPT, and GLEG certifications.
CSIAC Reports
Evolving Developments in Cyberlaw: 2017
As technology continues to evolve, the courts are being asked to apply existing laws to the new technology. In some cases, the answer is fairly straightforward, but in other cases it is more complicated and can yield varying outcomes based on how each court understands the technology and the legislators’ intent in passing the law. The presentation addressed cases over the past year in three main areas: (1) “unauthorized access” under the Computer Fraud and Abuse Act (CFAA), (2) encryption, and (3) searches and seizures generally.
View ReportChallenges in Applying the Law of Armed Conflict to Cyberwar
On June 17, 2010 a small antivirus company established in Belarus discovered the Stuxnet worm. Later research would reveal that an earlier variant of the worm existed at least a year earlier. Stuxnet reputedly caused the physical degradation of some…
View ReportRecent Developments in Cyberlaw: 2018
CSIAC SME and member of the American Bar Association’s Information Security Committee, Richard “Rick” Aldrich, gives a snapshot of the recent developments in cyberlaw, policy, standards, court cases and industry legal frameworks. These slides focus on emerging issues such as…
View ReportEmerging Developments in Cyberlaw: 2019
CSIAC SME and member of the American Bar Association’s Information Security Committee, Richard “Rick” Aldrich, gives a snapshot of the recent developments in cyberlaw, policy, standards, court cases and industry legal frameworks. These slides focus on emerging issues such as…
View ReportEvolving Developments in Cyberlaw: June 2019
CSIAC SME and member of the American Bar Association’s Information Security Committee, Richard “Rick” Aldrich, gives a snapshot of the recent developments in cyberlaw, policy, standards, court cases and industry legal frameworks. This report provides updates to an earlier report on cyberlaw from March of 2019. This presentation was given at the annual meeting of the American Bar Association’s Information Security Committee. The Committee is comprised of a diverse group of lawyers, security experts, technologists, auditors and other professionals, whose focus includes the examination and analysis of legal, business, and technical aspects of securing the confidentiality, integrity and availability of information. The Committee’s focus spans across the spectrum of information security issues, including: emerging issues surrounding the protection of information and critical infrastructures within computer systems and networks, such as the Internet; all aspects of litigation involving computer ecosystems as well as the electronic information generated by them; and regulatory and legal information security compliance and contracting.
View ReportCybersecurity Issues for Security Managers: 2019
CSIAC SME and member of the American Bar Association’s Information Security Committee, Richard “Rick” Aldrich, gives an overview of the Cybersecurity Issues facing Security Managers.
View ReportEvolving Developments in Cyberlaw: February 2020
CSIAC SME and member of the American Bar Association’s Information Security Committee, Richard “Rick” Aldrich, gives a snapshot of the recent developments in cyberlaw, policy, standards, court cases and industry legal frameworks.
View Report
Podcasts / Webinars
Cybersecurity Metrics Workshop » Panel Discussions
Moderator: Dr. Paul Losiewicz, Quanterion Solutions, Inc. Panelists: Richard Aldrich (Booz Allen Hamilton), Dr. Kenric Nelson (Raytheon), Dr. John Bay (Cyber Research center),Dr. Len Popyack (Utica College) The Cyber Security Metrics Workshop is a one-day review of current trends in policy, tools and techniques of interest to managers…
Cybersecurity Metrics Workshop » Meaningful Metrics: Answering the “So What?”
Richard Aldrich, Booz Allen Hamilton Too often cyber security metrics reports tend to either be based on whatever data was most readily available, or include low-level data of a very technical nature. In such cases the response of the recipient…
Leave a Comment
You must be logged in to post a comment.