Security Congress Abstract
Information security teams have been constrained by laws in the United States to a defensive posture. This legal constraint has focused the development of the information security tool industry to those systems that help detect, contain, eradicate and recover from specific attack vectors. However, in a proposed U.S. bill (Active Cyber Defense Certainty Act), victims of an ongoing attack would be enabled to fight back. The amendment would allow organizations more powers to build and maintain an offensive capacity in a concerted effort to not only identify hackers, but to disrupt any attacks. The goal of this session is to ensure there is a clear understanding of how organizations might change to support and take advantage of this type of legal structure change.