IT testing laws leave lawyers laughing

Friday, 27 September 2002, 2:11 PM EST

IT managers are rejecting elaborate waivers pushed by IT security vendors for routine penetration testing, but legal concerns have been accelerating since the introduction of the Cybercrime Act (2001).

Security vendors and IT managers agree the legal landscape has become far more complicated in the past 12 months and concerns have been raised about the legalities surrounding IT security testing following the introduction of the draconian cybercrime legislation.

Offences carrying jail terms of up to 10 years for possessing hacker tool kits, scanners and virus code are part of the act.

But for IT security vendors these are the tools of the trade and the only way to 'fit the bill' is to ensure written authorisation is backed by appropriate indemnities from clients. However, the indemnities have become so elaborate to cover legislative concerns as well as insurance risk that users are sceptical.

A company that undertakes extensive penetration testing is ITAC and CEO Stephen James said customers have baulked at some of the waivers. The use of lawyers has certainly increased in the past 12 months, he said.

[ Read more ]




Spotlight

Staples customers likely the latest victims of credit card breach

Posted on 21 October 2014.  |  Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //