Earlier this year, the Center for Cyber & Homeland Security at the George Washington University (“Center”) announced a new project on active defense against cyber threats. The Center established a high-level task force to examine these issues. The task force included prominent cybersecurity and industry experts, including Alston & Bird partner Michael Zweiback.
The Task Force successfully released its final report in October. It is available here.
The report comes at a time when cyber vulnerabilities have been exploited by hostile state and non-state actors in cyberspace for political and economic reasons. While companies have improved their cybersecurity defenses and regulators have started paying attention to the importance of cybersecurity, additional means may still be necessary to address future cyber threats.
The paper examines ways to develop and evolve appropriate risk-driven policies to enable companies to engage in active defense. According to the report, active defense has been defined to fall into two general categories:
- The first covering technical interactions between a defender and an attacker.
- The second includes those operations that enable defenders to collect intelligence on threat actors and indicators on the Internet, as well as other policy tools (e.g. sanctions, indictments, trade remedies) that can modify the behavior of malicious actors.
The report lays out the proposed framework for active defense and proposes a set of specific near-term policy recommendations for the U.S. executive branch, Congress, and the private sector in order to facilitate the implementation and adoption of the framework.