Active cyberdefense: Building a pre-emptive strategy to ward off risk

Is your organization practicing active cyberdefense and operating within legal limitations for pre-emptive action? Discuss with us during #GRCchat Nov. 20 at 12 p.m. EST.

As data breaches and other hacks make headlines, officials charged with managing their organizations’ governance, risk and compliance (GRC) activities are seeking pre-emptive strategies for protecting their digital goods. Active cyberdefense, sometimes called hacking back, has a role in the modern enterprise, but companies must be aware of the legal limitations of such methods when warding off cyberattacks.

Join SearchCompliance on Twitter Thursday, Nov. 20, at 12 p.m. EST, for a #GRCchat about gathering actionable intelligence to support GRC activities. Topics we may discuss include hacking back, scouring the "dark" web for threats and how to make the most of the information you gather without stepping on any legal landmines. SearchCompliance editors will lead the chat from the site's Twitter handle, @ITCompliance, joined by other TechTarget writers, editors and experts.


Date: Thursday, Nov. 20, 2014
Time: 12 p.m. EST
Host: @ITCompliance
Hashtag: Use and follow #GRCchat

Is this your first #GRCchat? Whether you’re a first-timer or returning tweet chatter, read the following pointers before signing on:

To follow the conversation, type "#GRCchat" into Twitter's search bar. From this page, select "All" to view tweets in real time.

Your first #GRCchat tweet should be introductory, including your name, title and organization.

@ITCompliance will ask a series of questions related to active cyberdefense, starting at 12 p.m. EDT (Q1, Q2, etc.). In your tweeted responses to each question, please preface with A1 (Answer 1), A2 and so on, then remember to include "#GRCchat". Each tweet sent during the chat should include the hashtag.

Please note that Twitter allows only 140 characters per tweet. You are welcome to tweet multiple responses to each question (consider using format "1 of 2" or "1/2" to identify there is more)

Throughout the discussion, retweet (RT) and favorite tweets you agree with and reply to those you don't.

Please direct questions, RSVPs or other concerns to SearchCompliance Editor Ben Cole. "See" you on Twitter!

Next Steps:

Learn about threat intelligence visibility from a CISO's perspective and what a national cybersecurity strategy should entail.

Dig Deeper on Vulnerability assessment for compliance

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Is your organization practicing active cyberdefense?
This is an interesting topic. Perhaps it can be justified if you and your team have management's buy in, understand the law and all of the potential ramifications, and have zero other vulnerabilities or issues to tend to on your own network. I can't imagine that being anyone's reality, however.