The Cybersecurity Act of 2015 attracted national attention because it provided limited immunity for companies that share information about cybersecurity threats with the federal government. A lesser-noticed provision of the law, however, could have more impact on corporate cybersecurity activities. The statute significantly broadens the ability of companies to monitor networks for cybersecurity threats and employ defensive measures. This presentation provides a roadmap to the new law and explains how it expands the abilities of companies to engage in monitoring and defensive measures without running afoul of existing laws such as the Stored Communications Act and Wiretap Act. The presentation also examines privacy advocates' concerns with the new law.
Jeff Kosseff is an Assistant Professor of Cybersecurity Law at the United States Naval Academy. He practiced cybersecurity and privacy law at Covington & Burling, and clerked for Judge Milan D. Smith, Jr. of the U.S. Court of Appeals for the Ninth Circuit and for Judge Leonie M. Brinkema of the U.S. District Court for the Eastern District of Virginia. Kosseff is a graduate of Georgetown University Law Center and the University of Michigan. Before becoming a lawyer, he was a journalist for The Oregonian and was a finalist for the Pulitzer Prize for national reporting.
Dennis Devey is a Midshipman First Class at the U.S. Naval Academy.