Josephine Wolff

Josephine Wolff

160 Packard Avenue, Medford, MA 02155
Research/Areas of Interest:

Cybersecurity policy; Economics of information security; Cyber-insurance; Data breaches and liability


  • Ph.D., Massachusetts Institute of Technology
  • M.S., Massachusetts Institute of Technology
  • A.B., Princeton University


Josephine Wolff is an associate professor of cybersecurity policy and has been at The Fletcher School at Tufts University since 2019. Her research interests include liability for cybersecurity incidents, international Internet governance, cyber-insurance, cybersecurity workforce development, and the economics of information security. Her first book "You'll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches" was published by MIT Press in 2018. Her second book "Cyberinsurance Policy: Rethinking Risk in an Age of Ransomware, Computer Fraud, Data Breaches, and Cyberattacks" will be published by MIT Press in 2022. Her writing on cybersecurity has also appeared in Slate, The New York Times, The Washington Post, The Atlantic, and Wired. Prior to joining Fletcher, she was an assistant professor of public policy at the Rochester Institute of Technology and a fellow at the New America Cybersecurity Initiative and Harvard's Berkman Klein Center for Internet & Society.

Areas of expertise

Science & Technology Policy

Selected Publications and Presentations


“You’ll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches." MIT Press, 2018.


"When Cyber Threats Loom, What Can State and Local Governments Do?" Georgetown Journal of International Affairs, Fall 2018, vol. XIX, pp. 67-75, (with William Lehr).

"What We Talk About When We Talk About Cybersecurity: Security in Internet Governance Debates," Internet Policy Review, vol. 5, no. 3, 2016.

"Perverse Effects in Defense of Computer Systems," Journal of Management Information Systems, vol. 33, no. 2, pp. 597-620, 2016.