The federal government has a lot to worry about already, and therefore doesn’t have the resources to prevent hacks against private organizations. This shifts the burden of cyber security to individual corporations, and to each person employed there who could potentially open up vulnerabilities.
One topic under discussion is defining what constitutes “active defense,” because up to this point, the law hasn’t covered which behaviors are and aren’t acceptable. This is why some are referring to the interaction between attacker and defender as a sort of “gray zone.”
Moving beyond the current “wild west” status of law that would set out which types of defense interactions are legal versus illegal is part of the responsibility that Washington has to the nation. This is important for at least the following reasons:
- Not all apparent hacks are actual attacks.
- If an outside party had his or her system harmed because someone else considered their innocent interaction as malicious and thus fought back, they should have some legal recourse.
- Corporate policy should be developed for compliance with the law, but up to this point, none such exists.
When it comes to the current legal framework within some realms of cyberspace, a lot is left up to chance. Call Network Service Solutions at 253-395-9235 to learn more about cyber security.