Lawfare has published an op-ed on this topic by Rick Salgado and me. The gist is that the government has been adapting FISA section 702 to thwart cyberspies and ransomware gangs. We argue that this gives CISOs a stake in the debate over renewing 702:
For Section 702 to be an effective weapon against cyberattacks, CISOs must become informed participants in the debate. If you are one of the many CISOs who think the government should do more to thwart attacks on your networks, your voice in defense of 702 is critical. But you should also hold the government's feet to the fire to make 702's potential real, through effective real-time threat sharing.
Perhaps the easiest way for corporate CISOs to get started is by educating company government affairs staff. Once you've explained what Section 702 could do to protect the company—especially if the government adopts measures to quickly share information with CISOs—you just need to ask that the company's public stance on Section 702 take into account the big contribution the law could make toward protecting the company's own networks.
Comments