Education

• Indiana University B.A. summa cum laude
• University of Cambridge Masters in International Relations, first honors
• University of Cambridge PhD, Politics and International Studies
• Stanford University JD with academic and pro bono distinction

Biography

Professor Scott J. Shackelford is a Professor of Business Law and Ethics at the Indiana University Kelley School of Business. He serves as the Executive Director of the Center for Applied Cybersecurity Research, as well as the Executive Director of the Ostrom Workshop. He is also an Affiliated Scholar at both the Harvard Kennedy School’s Belfer Center for Science and International Affairs and Stanford’s Center for Internet and Society.

Professor Shackelford has written more than 100 articles, book chapters, essays, and op-eds for diverse publications. Similarly, Professor Shackelford’s research has been covered by an array of outlets, including Politico, NPR, CNN, Forbes, Time, the Washington Post, and the LA Times. He is the author of The Internet of Things: What Everyone Needs to Know (Oxford University Press, 2020), Governing New Frontiers in the Information Age: Toward Cyber Peace (Cambridge University Press, 2020), and Managing Cyber Attacks in International Law, Business, and Relations: In Search of Cyber Peace (Cambridge University Press, 2014). He is also the lead editor of the first volume dedicated to cyber peace entitled Cyber Peace: Charting a Path Toward a Sustainable, Stable, and Secure Cyberspace (Cambridge University Press, 2022).

Both Professor Shackelford’s academic work and teaching have been recognized with numerous awards, including a Harvard University Research Fellowship, a Stanford University Hoover Institution National Fellowship, a Notre Dame Institute for Advanced Study Distinguished Fellowship, the 2014 Indiana University Outstanding Junior Faculty Award, the 2015 Elinor Ostrom Award, and the 2022 Poets & Quants Best 40-Under-40 MBA Professors Award.

In The Media

• Wrote "If Software Companies Are Liable for Bugs, How Exactly Would That Work?," Wall Street Journal ( 06-09-2023 )
• Quoted in "New law will give Hoosiers more control over how companies use their data," Fox 59 News ( 05-19-2023 )
• Quoted in "Governor signs law requiring BMV to disclose how it spends money generated from selling your personal info," WRTV News ( 05-01-2023 )
• Wrote "How the U.S. Can Use Taxes to Improve Cybersecurity," Wall Street Journal ( 02-15-2023 )
• Co-wrote "Plans for deep seabed mining pit renewable energy demand against ocean life in a largely unexplored frontier," The Conversation ( 01-17-2023 )
• Co-wrote "China's new space station opens for business in an increasingly competitive era of space activity," The Conversation ( 12-15-2022 )
• Co-wrote "China's new space station opens for business in an increasingly competitive era of space activity," Lake County News ( 12-10-2022 )
• Contributed to "Experts grade Facebook, TikTok, Twitter, YouTube on readiness to handle midterm election misinformation," The Conversation ( 10-17-2022 )
• Quoted in "States unclear on what constitutes 'reasonable' cybersecurity," CGN ( 04-04-2022 )
• Quoted in "U.S. warns companies of possible Russian cyberattacks," WTHR ( 03-25-2022 )
• Quoted in "Records show the Indiana BMV has been selling people's personal information," WGN9 News ( 11-22-2021 )
• Quoted in "Cyberattack at Sinclair Broadcasting disrupts WSBT-TV shows and phones," South Bend Tribune ( 10-19-2021 )
• Mentioned in "Black Hat 2021: Should There Be a Federal Cybersecurity Safety Board?," BizTech ( 08-10-2021 )
• Quoted in "Can the US curb China's cyber ambitions?," Gov Info Security ( 07-20-2021 )
• Quoted in "Cybercriminals target internet-connected medical devices," Indianapolis Business Journal ( 06-25-2021 )
• Quoted in "Westfield clerk, mayor battle over spyware installed on city hall computers," WISH-TV ( 06-23-2021 )
• Quoted in "State of cybersecurity -- How is Indiana doing?," Building Indiana ( 06-16-2021 )
• Quoted in "Eternal vigilance: Ransomware one of numerous cyberthreats keeping city constantly in monitoring mode," The Journal Gazette ( 06-10-2021 )
• Quoted in "This is what to do if you fall victim to an unemployment scam," The Indianapolis Star (sub. req.) ( 06-07-2021 )
• Quoted in "Where's the beef? Ransomware hit highlights cyber problems," Gov Info Security ( 06-04-2021 )
• Co-wrote an article titled "Colonial Pipeline forked over $4.4M to end cyberattack -- but is paying a ransom ever the ethical thing to do?," The Conversation ( 05-26-2021 )
• Wrote an article titled "Zero-trust security: Assume that everyone and everything on the internet is out to get you -- and maybe already has," The Conversation ( 05-21-2021 )
• Quoted in "Civilian cyber reserve program proposed," Bank Info Security ( 04-29-2021 )
• Wrote an article titled "The FBI is breaking into corporate computers to remove malicious code-smart cyber defense or government overreach?," The Conversation ( 04-26-2021 )
• Quoted in "A SpaceX advisor and other industry figures explain why the company's NASA partnership signals a new space age as they prepare for the Artemis mission," Business Insider ( 04-24-2021 )
• Quoted in "ANALYSIS - As U.S. cities embrace tech, cyberattacks pose real-world risks," Thomas Reuters Foundation News ( 04-07-2021 )
• Quoted in "Senators raise security concerns over selling personal data," Gov Info Security ( 04-06-2021 )
• Quoted in "Exchange hacks: how will the Biden administration respond?," Gov Info Security ( 03-15-2021 )
• Co-wrote an op-ed titled "We urgently need a NTSB for cybersecurity," Wall Street Journal ( 03-02-2021 )
• Wrote an article titled "What cybersecurity investigators can learn from airplane crashes," Yahoo! News ( 02-20-2021 )
• Quoted in "Senators demand more coordination in SolarWinds investigation," Bank Info Security ( 02-10-2021 )
• Quoted in "Microsoft describes how SolarWinds hackers avoided detection," Bank Info Security ( 01-21-2021 )
• Quoted in "How to stay safe when doing your holiday shopping online or in person," Indiana Daily Student ( 12-16-2020 )
• Quoted in "Unprecedented study details state of cybersecurity preparedness in Indiana," IU Newsroom ( 12-10-2020 )
• Quoted in "Trump is threatening to veto $740 billion in military spending unless Congress revokes Section 230 -- the internet law he hates," Business Insider ( 12-02-2020 )
• Quoted in "The Georgia runoffs could decide the fate of Section 230 -- along with the future of Big Tech," Business Insider India ( 11-15-2020 )
• Wrote an article titled "How tech firms have tried to stop disinformation and voter intimidation -- and come up short," The Conversation ( 11-02-2020 )
• Quoted in "Cyber attacks surging; Hoosiers need to be extra vigilant," WTHR ( 10-05-2020 )
• Quoted in "To secure elections, paper ballots, risk-limiting audits and fighting misinformation are required: IU study," Chicago Tribune ( 10-02-2020 )

Selected Works

• GOVERNING NEW FRONTIERS IN THE INFORMATION AGE: TOWARD CYBER PEACE (Cambridge University Press, forthcoming 2020).
• THE INTERNET OF EVERYTHING: WHAT EVERYONE NEEDS TO KNOW (Oxford University Press, forthcoming 2020).
• MANAGING CYBER ATTACKS IN INTERNATIONAL LAW, BUSINESS AND RELATIONS: IN SEARCH OF CYBER PEACE (Cambridge University Press, 2014).
• The Sport of Cybersecurity: How Professional Sports Leagues Can Better Protect the Competitive Integrity of their Games, __ BOSTON COLLEGE LAW REVIEW __ (forthcoming 2020) (with Nathaniel Grow).
• The Future of Frontiers, __ LEWIS & CLARK LAW REVIEW __ (forthcoming 2020).
• Rethinking Active Defense: A Comparative Analysis of Proactive Cybersecurity Policymaking, __ UNIVERSITY OF PENNSYLVANIA JOURNAL OF INTERNATIONAL LAW __ (forthcoming 2020) (with Danuvasin Charoen, Tristen Waite, & Nancy Zhang).
• Smart Factories, Dumb Policy? Managing Cybersecurity and Data Privacy Risks in the Industrial Internet of Things, __ MINNESOTA JOURNAL OF LAW, SCIENCE, & TECHNOLOGY __ (forthcoming 2020).
• Unpacking the Rise of Benefit Corporations: A Transatlantic Comparative Case Study, __ VIRGINIA JOURNAL OF INTERNATIONAL LAW __ (2019) (with Janine Hiller & Xiao Ma).T
• The Firm and Common Pool Resource Theory: Understanding the Rise of Benefit Corporations, 55 AMERICAN BUSINESS LAW JOURNAL 5 (2018) (with Janine S. Hiller).
• Securing the Internet of Healthcare, 19 MINNESOTA JOURNAL OF LAW, SCIENCE AND TECHNOLOGY 405 (2018) (with Michael Mattioli, Steve Myers, Austin Brady, Yvette Wang, and Stephanie Wong).
• When Toasters Attack: Enhancing the ‘Security of Things’ through Polycentric Governance, 2017 UNIVERSITY OF ILLINOIS LAW REVIEW 415 (2017) (with Anjanette Raymond, Danuvasin Charoen, Rakshana Balakrishnan, Prakhar Dixit, Julianna Gjonaj, & Rachith Kavi).
• Making Democracy Harder to Hack: Should Elections be Classified as ‘Critical Infrastructure?’, 50 MICHIGAN JOURNAL OF LAW REFORM 629 (2017) (with Michael Sulmeyer, Bruce Schneier, Anne Boustead, Ben Buchanan, Amanda Craig, Trey Herr, & Jessica Malekos Smith).
• The Law of Cyber Peace, 18 CHICAGO JOURNAL OF INTERNATIONAL LAW 1 (2017).
• Block-by-Block: Leveraging the Power of Blockchain Technology to Build Trust and Promote Cyber Peace, 19 YALE JOURNAL OF LAW AND TECHNOLOGY 334 (2017) (with Steve Myers).

Related Links

• IU Kelley School of Business Faculty Profile
• Ostrom Workshop Program on Cybersecurity and Internet Governance

Areas of Expertise

• Cybersecurity law