This topic is based upon a draft law review article written by the presenter, an abbreviated version of which was published in the Oct. edition of the Geo. Mason Univ. “CIP Report.” The topic covers the techniques of beaconing, sinkholing, honeypots, threat intelligence gathering, hunter groups, and retaliatory hacking, and explores the ethical and legal boundaries of each. The presenter will discuss potential practical, political, legal, and ethical risks associated with misattribution, attracting attacks, and escalation. Finally, the presenter discuss active defense alternatives, including centralized information sharing through the ISACs, proposed cyber legislation, and collaboration with ISPs.
- Identify risks incident to techniques employed by information security professionals
- Establish active defense rules pursuant to law and corporate ethics
- Consider viability of all reasonable active defense alternatives
About Sean Harrington
Sean L. Harrington is a cybersecurity attorney, law professor, digital forensics examiner, expert witness, instructor, and author, with a background in the financial services and healthcare sectors and critical infrastructure protection. He holds the CIPP/US, CISSP, CCFP, CHFI, MCSE, and CSOXP certifications, is licensed by the Texas Private Security Bureau, and is admitted to state bars of California and Wisconsin.