- Faculty & Staff
- News & Events
- Degree Programs
- Minors & Immersions
- Student Resources
- Contact Us
- Jobs & Co-ops
Josephine Wolff is an assistant professor in the Public Policy department at RIT and a member of the extended faculty of the Computing Security department. She is a faculty associate at the Harvard Berkman Center for Internet & Society and a fellow at the New America Cybersecurity Initiative.
Wolff recieved her PhD. in Engineering Systems Division and M.S. in Technology and Policy from the Massachusetts Institute of Technology, as well as her A.B. in Mathematics from Princeton University.
Dr. Wolff is currently working on analyzing the aftermath of cybersecurity incidents to understand how they have influenced current approaches to technical, social, and political security. By questioning and observing how past attacks transpired and how companies, consumers, and policy-makers responded to them, she is expanding understanding of how we draw lessons from past security incidents and protect computing systems from breaches in the future.
Dr. Wolff’s studies involve in-depth analyses of cybersecurity incidents that have occurred during the past ten years, including financially- and revenge-motivated breaches and cyber espionage incidents. Through her analyses, she is assessing past cybersecurity events from an economic and legal perspective. Specifically, she is asking how different stakeholders such as retailers, credit card companies, software developers, and hardware manufacturers should be held responsible for breaches and how liability should be distributed among the involved stakeholders. In addition, Dr. Wolff is exploring which of these actors assume portions of the cost of cybersecurity incidents as part of her attempt to trace the way that current policies address the issue of liability. In conjunction with this study, she is examining the development of cybersecurity insurance markets and the efforts of companies to implement safety protocols, such as two-factor authentication.
Telecom Policy and Issues; Cyber Security Policy and Law