This presentation examines the legal regime surrounding cyberspace operations. The analysis looks at the legal underpinnings of computer network security; defense; exploitation; and, attack. After covering the laws and policies related to these topics, we will examine several of the recent incidents and intrusions that have occurred and discuss why none of them have been classified as "attacks" by those who could do so. Attendees will get an understanding of the hot legal topics in computer network operations. Past presentations have shown much of what is taken away is audience driven in response to their questions and the subsequent discussion. And, as always, I try to impress upon computer security professionals the importance of working closely with their legal counsel early and often, and explaining the technical aspects of computer security to their attorneys at a third grade level so my profession can understand it and then turn around and explain it to a judge or jury at a first grade level. (All material is unclassified and available in the public domain.)
Robert Clark is currently the operational attorney for the U.S. Army Cyber Command. He is the former Cybersecurity Information Oversight & Compliance Officer with the Office of Cybersecurity and Communications, Department of Homeland Security and former legal advisor to the Navy CIO; United States Computer Emergency Readiness Team; and, the Army's Computer Emergency Response Team. In these positions he has provided advice on all aspect of computer network operations. He interacts regularly with many government agencies and is a past lecture at Black Hat; DEFCON; Stanford Center for Internet and Society and the Berkman Center for Internet & Society at Harvard University -Four TED-TECH Talks 2011; SOURCE Boston 2010; the iapp; and, the DoD's Cybercrimes Conference.