Reply to post: Don't change the ban, change the insurance policy.

Yes, Prime Minister, rewrite the Computer Misuse Act: Brit infosec outfits urge reform

steelpillow Silver badge

Don't change the ban, change the insurance policy.

The law is right to keep pen testers with unknown-coloured hats at bay. The problem is obtaining permission to carry out defensive screening. Emailing the hapless outfit with "Hi, can I run a fake cyberattack on you?" can hardly have a good response rate.

We need a regulatory regime where insurance companies put your permission in the small print and are then able to delegate the research to approved cybersecurity operations.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020