The recent WannaCry and NotPetya global cyber incidents have fueled the debate already raging over the role of and limits on corporate self-defense in cyberspace. The emerging international practice of “active cyber defense” (ACD) moves this debate beyond the merely theoretical realm. Private sector active defense potentially shifts the balance in favor of defenders and would improve companies’ ability to complicate and disrupt attacks and mitigate damages.
Latest in Active Cyber Defense
Bobby Chesney raised a number of issues regarding the Active Defense Certainty Act, and I’m just getting into it now. I think Bobby’s comments are spot on, but I want to amplify some of his concerns.
We are happy to report that Episode 7 of the National Security Law Podcast ("The Less Prep the Better") has just gone live. In about 42 minutes, we discuss:
- the Trump allegation about being wiretapped
- the Trump allegation about GTMO recidivism (and the Spicer follow-up about just when judges got involved in ordering GTMO releases)
Some thoughts on Representative Tom Graves's discussion draft of a bill that would create a defense to liability under the Computer Fraud and Abuse Act (CFAA) (18 USC 1030) for “active cyber defense measures."
The legitimation of cyber privateering is not without its problems: it would open the door to unnecessary escalation, potential for reprisal, and what is, for the United States, a strategically undesirable international norm.
Over the course of two days in February 2016, the Strauss Center at the University of Texas-Austin will host a unique and timely conference focused on the legal and policy dimensions of cybersecurity.
On February 5-6, 2016, the Strauss Center at the University of Texas-Austin will host a unique and timely conference focused on the legal and policy dimensions of cybersecurity.
Going Dark, Hacking Back, Botnet Takedowns, and More: The Strauss Center's Feb. 4-6 Cybersecurity Conference
I'm very excited to announce that the Strauss Center at UT-Austin is launching a new education-and-research program we are calling "Integrated Cybersecurity Studies," and that we are marking the occasion with a rather-special event here in Austin on February 5th and 6th. I hope some readers can join us!