Defensive measure is
|“||an action, device, procedure, signature, technique, or other measure applied to an information system or information that is stored on, processed by, or transiting an information system that detects, prevents, or mitigates a known or suspected cybersecurity threat or security vulnerability.||”|
"Defensive measures, as a technical matter, typically should not need to contain personal information of a specific individual or information that identifies a specific individual. However, they may contain such information if determined necessary to the defensive measure."
"The term ‘defensive measure’ does not include a measure that destroys, renders unusable, provides unauthorized access to, or substantially harms an information system or information stored on, processed by, or transiting such information system not owned by —
- (i) the private entity operating the measure; or
- (ii) another entity or Federal entity that is authorized to provide consent and
- ↑ Privacy and Civil Liberties Interim Guidelines: Cybersecurity Information Sharing Act of 2015, at 16.
- ↑ Id. at 6.
- ↑ Id. at 16.