
Legal Aspects of Full Spectrum Computer Network (Active) Defense

Formal Metadata

Title
Legal Aspects of Full Spectrum Computer Network (Active) Defense
Series Title
Number of Parts
112
Author
License
CC Attribution 3.0 Unported:
You may use, modify, and reproduce, distribute, and make publicly available the work or its content, in unchanged or modified form, for any legal purpose, provided that you credit the author/rights holder in the manner they have specified.
Identifiers
Publisher
Year of Publication
Language

Content Metadata

Subject Area
Genre
Abstract
Full spectrum computer network (active) defense means more than simply "hacking back". We've seen a lot of this issue lately. Orin Kerr and Stewart Baker had a lengthy debate about it online. New companies with some high visibility players claim they are providing "active defense" services to their clients. But all in all, what does this really mean? And why is it that when you go to your attorneys, they say a flat-out "No"? This presentation examines the entire legal regime surrounding full spectrum computer network (active) defense. It delves into those areas that are easily legal and looks at the controversial issues surrounding others. As such we will discuss technology and sensors (ECPA and the service provider exception); information control and management (DRM); and "active defense" focusing on honeypots, beacons, deception (say hello to my little friend the Securities and Exchange Commission); open source business intelligence gathering (CFAA, economic espionage; theft of trade secrets); trace back and retrieval of stolen data (CFAA). Past presentations have shown much of what is taken away is audience driven in response to their questions and the subsequent discussion. And, as always, I try to impress upon computer security professionals the importance of working closely with their legal counsel early and often, and of course "Clark's Law" - explain the technical aspects of computer security to your attorneys at a third grade level so they can understand it and then turn around and explain it to a judge or jury at a first grade level.

Robert Clark has enjoyed working numerous federal legal jobs for the past two decades. He is the former Cybersecurity Information Oversight & Compliance Officer for the Assistant Secretary of Cybersecurity and Communications, Department of Homeland Security and former legal advisor to the Navy CIO; United States Computer Emergency Readiness Team; and, the Army's Computer Emergency Response Team.
In these positions he has provided advice on all aspects of computer network operations. He interacts regularly with many government agencies and is a past lecturer at Black Hat; DEF CON; Stanford Center for Internet and Society and the Berkman Center for Internet & Society at Harvard University -Four TED-TECH Talks 2011; SOURCE Boston 2010; the iapp; and, the DoD's Cybercrimes Conference. He is thrilled to be returning to DEF CON this year.