Rick Aldrich is a senior cyber policy analyst with the Cyber Security and Information Systems Information Analysis Center (CSIAC). He is also a Cyber Security Policy & Compliance Analyst for Booz Allen Hamilton, supporting the Department of Defense (DoD) Chief Information Officer (CIO). He works on cybersecurity, policy, metrics, cyberlaw, and privacy issues. He has been awarded several grants by the Institute for National Security Studies to research the legal and policy implications of cybercrime and cyber warfare. He has multiple publications in this field, including a chapter on information warfare in the widely used textbook, National Security Law. He has presented at several national and international conferences, including most recently a conference at NATO. He was a co-author of DoD’s award-winning CyberLaw 1 computer-based training product and the subsequent CyberLaw 2 product. He led an effort to create DoD Cybersecurity Scorecards that are reported monthly to the Secretary of Defense. Prior to his current position he served as the Deputy Staff Judge Advocate for the Air Force Office of Special Investigations, specializing in the cybercrime and information operations portfolios. He was also recognized as the “Outstanding Professor of Law” at the US Air Force Academy, where he was one of the first in the nation to establish an undergraduate course in Cyberlaw. He has a Bachelor of Science degree in Computer Science from the United States Air Force Academy, a Juris Doctor from UCLA, and a Masters of Law in Intellectual Property Law from the University of Houston. He is licensed to practice before the United States Supreme Court and the Supreme Court of California. He also holds CISSP, CIPT, and GLEG certifications.
CSIAC SME and member of the American Bar Association’s Information Security Committee, Richard “Rick” Aldrich, gives a snapshot of the recent developments in cyberlaw, policy, standards, court cases and industry legal frameworks. These slides focus on emerging issues such as… Read MoreView Document
As technology continues to evolve, the courts are being asked to apply existing laws to the new technology. In some cases, the answer is fairly straightforward, but in other cases it is more complicated and can yield varying outcomes based on how each court understands the technology and the legislators’ intent in passing the law. The presentation addressed cases over the past year in three main areas: (1) “unauthorized access” under the Computer Fraud and Abuse Act (CFAA), (2) encryption, and (3) searches and seizures generally.View Document
On June 17, 2010 a small antivirus company established in Belarus discovered the Stuxnet worm. Later research would reveal that an earlier variant of the worm existed at least a year earlier. Stuxnet reputedly caused the physical degradation of some… Read MoreView Document
Podcasts / Webinars
Richard Aldrich, Booz Allen Hamilton Too often cyber security metrics reports tend to either be based on whatever data was most readily available, or include low-level data of a very technical nature. In such cases the response of the recipient… Read More
Moderator: Dr. Paul Losiewicz, Quanterion Solutions, Inc. Panelists: Richard Aldrich (Booz Allen Hamilton), Dr. Kenric Nelson (Raytheon), Dr. John Bay (Cyber Research center),Dr. Len Popyack (Utica College) The Cyber Security Metrics Workshop is a one-day review of current trends in policy, tools and techniques of interest to managers… Read More