Computer crime law is ‘hopelessly outdated and legally ambiguous’, critics warn
The issue of security professionals potentially falling foul of the law for doing their jobs extends beyond the UK’s borders.
Tony Cole, CTO of Attivo Networks, explained that penetration testers face challenges when doing work in different jurisdictions, in large part because law enforcement and the courts still don’t have clear laws or court rulings on what is and isn’t legal.
“We need guidelines,” Cole said. “In the US recently, a red team was arrested for breaking into a court, while under contract with the state of Iowa to do exactly that.
“If we are to take advantage of the great skillsets available to find and identify exploitable vulnerabilities, we must change the laws to keep up with new capabilities in our connected world,” he concluded.
Read the full article in The Daily Swig.