Kristen Eichensehr

Fast Facts

  • Director, National Security Law Center at the University of Virginia School of Law
  • Clerked for Supreme Court Justices Sandra Day O’Connor and Sonia Sotomayor
  • Expertise on cybersecurity, foreign relations, international law, and national security law

Areas Of Expertise

  • Foreign Affairs
  • American Defense and Security
  • Domestic Affairs
  • Law and Justice
  • Science and Technology

Kristen Eichensehr is the director of the National Security Law Center at the University of Virginia School of Law and a faculty senior fellow at UVA’s Miller Center. Eichensehr writes and teaches about cybersecurity, foreign relations, national security, and international law. Her recent work addresses national security screening of investments, separation of powers in the national security state, the attribution of state-sponsored cyberattacks, and the interaction of the Supreme Court’s major questions doctrine with U.S. international agreements.

Eichensehr is a member of the U.S. State Department’s Advisory Committee on International Law and the National Academies of Sciences, Engineering, and Medicine Forum on Cyber Resilience. She serves as an adviser on the Restatement (Fourth) of the Foreign Relations Law of the United States and on the editorial boards of Just Security and the Journal of National Security Law & Policy. Eichensehr received the 2018 Mike Lewis Prize for National Security Law Scholarship for her article “Courts, Congress, and the Conduct of Foreign Relations,” and her article on “National Security Creep in Corporate Transactions” (with Cathy Hwang) was selected as one of the best corporate and securities articles of 2023 by Corporate Practice Commentator.

Prior to entering academia, Eichensehr clerked for Justices Sandra Day O’Connor and Sonia Sotomayor of the Supreme Court of the United States and for then-Judge Merrick B. Garland of the U.S. Court of Appeals for the D.C. Circuit. She also served as special assistant to the legal adviser of the U.S. Department of State and practiced at Covington & Burling in Washington, D.C.

Kristen Eichensehr News Feed

University of Virginia School of Law professors Kristen Eichensehr and Cathy Hwang’s paper analyzing the growing role of national security in corporate transactions has been named one of the top 10 corporate and securities law articles of 2023.
Kristen Eichensehr UVA Law
Constitutional self-government and authoritarianism are in a worldwide contest—and it is not going well for democracy. Miller Center Faculty Senior Fellow and Taylor Professor of Politics John M. Owen IV engages with experts to discuss open liberal internationalism and what comes next for "The Ecology of Nations," the title of his latest book.
Aynne Kokas, John Owen, Kristen Eichensehr, Eric Edelman Miller Center Presents
Kristen Eichensehr, a former O'Connor clerk, recalls her inner toughness tempered by good humor and abiding pragmatism
Kristen Eichensehr
For years, Russia has both officially and unofficially used cyber tools to ruthlessly advance its international agenda. For this reason, many expected Russia's recent invasion of Ukraine to also kick off a new and brutal era of international cyberwar. Instead, cyber measures have only played a small part in the overall conflict compared to more conventional capabilities, leading many to ask whether Russian cyber capabilities and the role of cyber in the future of warfare more generally might well have been exaggerated. To dig into these issues, Scott R, Anderson sat down with University of Virginia law professor Kristen Eichensehr, who wrote a recent article on the topic for the American Journal of International Law. They discussed possible explanations for the limited role that cyber capabilities have played in the conflict, whether that might change in the next stage of the conflict and what it all means for the future of cyber measures in warfare.
Kristen Eichensehr Lawfare Podcast
Russia’s invasion of Ukraine has put to the test theories about how cyberattacks fit into conventional war. Contrary to many expectations, cyber operations appear to have played only a limited role in the initial stages of the invasion, prompting competing theories and rampant speculation about why. Although written while the conflict continues, this essay considers how either of two broad explanations for the limited role of cyberattacks to date—that Russia’s attempted cyberattacks were thwarted or that Russia chose not to deploy them widely—challenges conventional wisdom about cybersecurity. The essay concludes by suggesting that one lesson international lawyers should draw from the current conflict is the urgent need to clarify and enforce international rules not just for the rare high-end destructive or widely disruptive cyber operations, but also for lower-level operations that have proven more consistently problematic, both in Ukraine and elsewhere. Clarifying such rules could help to manage escalation risk now and in the future, even if such rules—like the most venerable international law prohibitions that Russia’s invasion has violated—do not necessarily restrain behavior directly.
Kristen Eichensehr SSRN
On Wednesday, the U.S. Department of Justice (DOJ) announced that it had “disrupt[ed] a two-tiered global botnet of thousands of infected network hardware devices under the control of a threat actor known to security researchers as Sandworm,” and identified by the U.S. government as “the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (the GRU).” This action is the latest in what appears to be a string of public moves to impose additional friction on malicious Russian actors in cyberspace since the invasion of Ukraine, and it’s also emblematic of the efforts by the United States over the last few months to shift the framing of some cybersecurity threats from purely criminal matters to national security concerns.
Kristen Eichensehr Just Security