The IT Law Wiki

Defensive measure

32,074pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Defensive measure is

an action, device, procedure, signature, technique, or other measure applied to an information system or information that is stored on, processed by, or transiting an information system that detects, prevents, or mitigates a known or suspected cybersecurity threat or security vulnerability.[1]

Overview Edit

"Defensive measures, as a technical matter, typically should not need to contain personal information of a specific individual or information that identifies a specific individual. However, they may contain such information if determined necessary to the defensive measure."[2]

"The term ‘defensive measure’ does not include a measure that destroys, renders unusable, provides unauthorized access to, or substantially harms an information system or information stored on, processed by, or transiting such information system not owned by —

(i) the private entity operating the measure; or
(ii) another entity or Federal entity that is authorized to provide consent and

has provided consent to that private entity for operation of such measure."[3]

References Edit

  1. Privacy and Civil Liberties Interim Guidelines: Cybersecurity Information Sharing Act of 2015, at 16.
  2. Id. at 6.
  3. Id. at 16.

Also on Fandom

Random Wiki