Maurer School of Law

Education

• Indiana University B.A. summa cum laude
• University of Cambridge Masters in International Relations, first honors
• University of Cambridge PhD, Politics and International Studies
• Stanford University JD with academic and pro bono distinction

Biography

Professor Scott J. Shackelford serves on the faculty of Indiana University, where he is cybersecurity program chair and director of the Ostrom Workshop Program on Cybersecurity and Internet Governance. He is also an affiliated scholar at both the Harvard Kennedy School’s Belfer Center for Science and International Affairs and Stanford’s Center for Internet and Society, as well as a senior fellow at the Center for Applied Cybersecurity Research, and a term member at the Council on Foreign Relations.

Shackelford has written more than 100 articles, book chapters, essays, and op-eds for diverse outlets ranging from the University of Illinois Law Review and the American Business Law Journal to the Christian Science Monitor, Huffington Post, Slate, The Conversation, and the San Francisco Chronicle. Similarly, his research has been covered by diverse outlets, including Politico, NPR, Marketplace, Forbes, Time, Associated Press, Forensics Magazine, Law360, the Indianapolis Star, Washington Post, and the Los Angeles Times. He is also the author of Managing Cyber Attacks in International Law, Business, and Relations: In Search of Cyber Peace (Cambridge University Press, 2014).

Both Shackelford’s academic work and teaching have been recognized with numerous awards, including a Harvard University Research Fellowship, a Stanford University Hoover Institution National Fellowship, a Notre Dame Institute for Advanced Study Distinguished Fellowship, the 2014 Indiana University Outstanding Junior Faculty Award, and the 2015 Elinor Ostrom Award.

In The Media

• Mentioned in "Black Hat 2021: Should There Be a Federal Cybersecurity Safety Board?," BizTech ( 08-10-2021 )
• Quoted in "Can the US curb China's cyber ambitions?," Gov Info Security ( 07-20-2021 )
• Quoted in "Cybercriminals target internet-connected medical devices," Indianapolis Business Journal ( 06-25-2021 )
• Quoted in "Westfield clerk, mayor battle over spyware installed on city hall computers," WISH-TV ( 06-23-2021 )
• Quoted in "State of cybersecurity -- How is Indiana doing?," Building Indiana ( 06-16-2021 )
• Quoted in "Eternal vigilance: Ransomware one of numerous cyberthreats keeping city constantly in monitoring mode," The Journal Gazette ( 06-10-2021 )
• Quoted in "This is what to do if you fall victim to an unemployment scam," The Indianapolis Star (sub. req.) ( 06-07-2021 )
• Quoted in "Where's the beef? Ransomware hit highlights cyber problems," Gov Info Security ( 06-04-2021 )
• Co-wrote an article titled "Colonial Pipeline forked over $4.4M to end cyberattack -- but is paying a ransom ever the ethical thing to do?," The Conversation ( 05-26-2021 )
• Wrote an article titled "Zero-trust security: Assume that everyone and everything on the internet is out to get you -- and maybe already has," The Conversation ( 05-21-2021 )
• Quoted in "Civilian cyber reserve program proposed," Bank Info Security ( 04-29-2021 )
• Wrote an article titled "The FBI is breaking into corporate computers to remove malicious code-smart cyber defense or government overreach?," The Conversation ( 04-26-2021 )
• Quoted in "A SpaceX advisor and other industry figures explain why the company's NASA partnership signals a new space age as they prepare for the Artemis mission," Business Insider ( 04-24-2021 )
• Quoted in "ANALYSIS - As U.S. cities embrace tech, cyberattacks pose real-world risks," Thomas Reuters Foundation News ( 04-07-2021 )
• Quoted in "Senators raise security concerns over selling personal data," Gov Info Security ( 04-06-2021 )
• Quoted in "Exchange hacks: how will the Biden administration respond?," Gov Info Security ( 03-15-2021 )
• Co-wrote an op-ed titled "We urgently need a NTSB for cybersecurity," Wall Street Journal ( 03-02-2021 )
• Wrote an article titled "What cybersecurity investigators can learn from airplane crashes," Yahoo! News ( 02-20-2021 )
• Quoted in "Senators demand more coordination in SolarWinds investigation," Bank Info Security ( 02-10-2021 )
• Quoted in "Microsoft describes how SolarWinds hackers avoided detection," Bank Info Security ( 01-21-2021 )
• Quoted in "How to stay safe when doing your holiday shopping online or in person," Indiana Daily Student ( 12-16-2020 )
• Quoted in "Unprecedented study details state of cybersecurity preparedness in Indiana," IU Newsroom ( 12-10-2020 )
• Quoted in "Trump is threatening to veto $740 billion in military spending unless Congress revokes Section 230 -- the internet law he hates," Business Insider ( 12-02-2020 )
• Quoted in "The Georgia runoffs could decide the fate of Section 230 -- along with the future of Big Tech," Business Insider India ( 11-15-2020 )
• Wrote an article titled "How tech firms have tried to stop disinformation and voter intimidation -- and come up short," The Conversation ( 11-02-2020 )
• Quoted in "Cyber attacks surging; Hoosiers need to be extra vigilant," WTHR ( 10-05-2020 )
• Quoted in "To secure elections, paper ballots, risk-limiting audits and fighting misinformation are required: IU study," Chicago Tribune ( 10-02-2020 )
• Quoted in "Carmel city website back online after hacker gained access," WISH-TV ( 09-18-2020 )
• Quoted in "WeChat going silent, time running out for TikTok," WTHR ( 09-18-2020 )
• Quoted in "FBI joins probe of Carmel website hack. Site still shut down," The Indianapolis Star ( 09-18-2020 )
• Quoted in "K-12 schools increasingly the target of ransomware attacks during pandemic," KEYE TV ( 09-15-2020 )
• Quoted in "What the U.S. needs to do to secure election 2020," Nextgov ( 09-14-2020 )
• Quoted in "Paper ballots, risk-limiting audits can help defend elections and democracy, IU study finds," IU Newsroom ( 09-02-2020 )
• Quoted in "Scholar outlines possible alternatives to US lunar exploitation rules," Sputnik ( 05-20-2020 )
• Quoted in "Born in India, Cyber Peace Corps trains tacklers of disinformation, online challenges," MeriTalk ( 05-07-2020 )
• Quoted in "As schools move online, so do security threats. Here's what experts say you can do," WFYI ( 04-15-2020 )
• Quoted in "The next frontier of baseball cheating: the Cloud," OZY ( 04-14-2020 )
• Wrote an op-ed titled "The battle against disinformation is global," The Conversation ( 03-20-2020 )
• Quoted in "Everyone counts: Why Indianapolis is urging residents to respond to the 2020 census," The Indianapolis Star (subscription) ( 03-14-2020 )
• Quoted in "A judge resigns after using the n-word in texts that she says the public was never meant to see," The Washington Post ( 02-27-2020 )
• Quoted in "Equifax left unencrypted data open to Chinese hackers. Most big US companies are just as negligent," Los Angeles Times ( 02-10-2020 )
• Wrote a blog post titled "Hack your way to power? Election protection lessons from other nations," The National Interest ( 02-05-2020 )
• Wrote an essay titled "US could learn how to improve election protection from other nations," The Conversation ( 02-04-2020 )
• Mentioned in "IU's Ostrom Workshop names executive director," Inside Indiana Business ( 02-04-2020 )
• Quoted in "As use of facial recognition expands, travelers worry about privacy," The Washington Post ( 01-23-2020 )

Selected Works

• GOVERNING NEW FRONTIERS IN THE INFORMATION AGE: TOWARD CYBER PEACE (Cambridge University Press, forthcoming 2020).
• THE INTERNET OF EVERYTHING: WHAT EVERYONE NEEDS TO KNOW (Oxford University Press, forthcoming 2020).
• MANAGING CYBER ATTACKS IN INTERNATIONAL LAW, BUSINESS AND RELATIONS: IN SEARCH OF CYBER PEACE (Cambridge University Press, 2014).
• The Sport of Cybersecurity: How Professional Sports Leagues Can Better Protect the Competitive Integrity of their Games, __ BOSTON COLLEGE LAW REVIEW __ (forthcoming 2020) (with Nathaniel Grow).
• The Future of Frontiers, __ LEWIS & CLARK LAW REVIEW __ (forthcoming 2020).
• Rethinking Active Defense: A Comparative Analysis of Proactive Cybersecurity Policymaking, __ UNIVERSITY OF PENNSYLVANIA JOURNAL OF INTERNATIONAL LAW __ (forthcoming 2020) (with Danuvasin Charoen, Tristen Waite, & Nancy Zhang).
• Smart Factories, Dumb Policy? Managing Cybersecurity and Data Privacy Risks in the Industrial Internet of Things, __ MINNESOTA JOURNAL OF LAW, SCIENCE, & TECHNOLOGY __ (forthcoming 2020).
• Unpacking the Rise of Benefit Corporations: A Transatlantic Comparative Case Study, __ VIRGINIA JOURNAL OF INTERNATIONAL LAW __ (2019) (with Janine Hiller & Xiao Ma).T
• The Firm and Common Pool Resource Theory: Understanding the Rise of Benefit Corporations, 55 AMERICAN BUSINESS LAW JOURNAL 5 (2018) (with Janine S. Hiller).
• Securing the Internet of Healthcare, 19 MINNESOTA JOURNAL OF LAW, SCIENCE AND TECHNOLOGY 405 (2018) (with Michael Mattioli, Steve Myers, Austin Brady, Yvette Wang, and Stephanie Wong).
• When Toasters Attack: Enhancing the ‘Security of Things’ through Polycentric Governance, 2017 UNIVERSITY OF ILLINOIS LAW REVIEW 415 (2017) (with Anjanette Raymond, Danuvasin Charoen, Rakshana Balakrishnan, Prakhar Dixit, Julianna Gjonaj, & Rachith Kavi).
• Making Democracy Harder to Hack: Should Elections be Classified as ‘Critical Infrastructure?’, 50 MICHIGAN JOURNAL OF LAW REFORM 629 (2017) (with Michael Sulmeyer, Bruce Schneier, Anne Boustead, Ben Buchanan, Amanda Craig, Trey Herr, & Jessica Malekos Smith).
• The Law of Cyber Peace, 18 CHICAGO JOURNAL OF INTERNATIONAL LAW 1 (2017).
• Block-by-Block: Leveraging the Power of Blockchain Technology to Build Trust and Promote Cyber Peace, 19 YALE JOURNAL OF LAW AND TECHNOLOGY 334 (2017) (with Steve Myers).

Related Links

• IU Kelley School of Business Faculty Profile
• Ostrom Workshop Program on Cybersecurity and Internet Governance

Areas of Expertise

• Cybersecurity law