Impact Case Study: Anil Dewan and Alexander "RoRo" Romero

{"abilities":[],"action":"stack","className":"","columns":3,"controls":[],"exclude":[],"include":[{"custom.menu":"header-menu"}],"maximum":6,"property":"header","orders":["date","title","menu_order","post_type","post__in"]}

{"abilities":[],"action":"stack","className":"","columns":3,"controls":[],"exclude":[],"include":[{"custom.menu":"header-menu"}],"maximum":6,"property":"mobile","orders":["date","title","menu_order","post_type","post__in"]}

Impact Case Study: Anil Dewan and Alexander “RoRo” Romero

By the Aspen Policy Academy

Our Impact Case studies are short documents that showcase our trainees’ experiences with and impacts from Academy programming.

In 2020-2021, Aspen Policy Academy alumni Anil Dewan and Alexander “RoRo” Romero led the effort to expand the scope of the Department of Defense (DoD)’s Vulnerability Disclosure Program (VDP). This critical cybersecurity program provides legal safe harbor to researchers who find and report vulnerabilities in DoD information systems using established protocols. These reports enable the DoD to quickly validate and remediate the vulnerabilities while ensuring that the researchers are not prosecuted for their service. The original VDP only applied to public-facing DoD websites. Using skills they learned at the Aspen Policy Academy, Anil and RoRo successfully expanded the policy to apply to all publicly accessible DoD information systems. This policy change allowed for more vulnerabilities to be reported and increased security of DoD systems and, as a result, the security of our nation.