Brit infosec firms urge PM Boris to reform the Computer Misuse Act
![Cyber Security](/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBK0NGRGc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--de5f872a0aebb8ee0c68c29f7aaa73f6140a4727/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCem9MWm05eWJXRjBTU0lJYW5CbkJqb0dSVlE2QzNKbGMybDZaVWtpRFRjMU1IZzBOVEJlQmpzR1ZBPT0iLCJleHAiOm51bGwsInB1ciI6InZhcmlhdGlvbiJ9fQ==--9a8cb233bbd899661209fac1218cb930366c2398/data_1590455_1920%20(1).jpg)
A group of British infosec companies has written to UK prime minister Boris Johnson asking him to reform the Computer Misuse Act 1990, saying the act "has failed to keep pace with technological and market developments, inadvertently prohibiting a large component of contemporary threat intelligence research."
The companies, comprising NCC Group, Orpheus Cyber, Context Information Security and Nettitude, urged the winner of the Conservative Party's recent internal leadership contest to bring about "legislative reform to bring cybercrime legislation in step with other regimes".
Key among the companies' demands for reform is the introduction of "statutory defences that apply to accredited professionals who act ethically, in the public interest, to detect and prevent criminal activity."
The letter came after The Register revealed in May this year that while 90 per cent of hacking prosecutions last year were successful, the odds of a prison sentence were very low.
The letter said, in part:
"Legislation currently forces cybersecurity specialists to act with one hand tied behind their backs. Reforming the Computer Misuse Act would enable us to learn more about an attacker’s tactics and identify additional victims, addressing current barriers that often halt our defence investigations so as not to break the law. More modern legislation exists in other jurisdictions - countries which we actively compete within the global cybersecurity market. Failure to modernise our laws risks the increasing demand for cybersecurity services being met outside the UK."
Its signatories, all C-suite execs from the named firms, added: "We believe removing current legislative restraints, and offering certainty to the industry, would significantly unlock the growth of the UK cyber threat intelligence sector, while allowing the industry to better support law enforcement and intelligence agencies."
Researchers have long complained that the Computer Misuse Act (CMA) inhibits research because of broad wording that does not make it completely clear what is and what is not illegal in the fast-moving world of infosec. While no statute could be exhaustively prescriptive about what can and cannot be done, the companies say that the time is ripe to give protection to bona fide researchers.
Ollie Whitehouse, global chief technical officer at NCC Group, said in a statement to The Register: "We're proud to be the driving force behind the necessary reform to the Computer Misuse Act (CMA) – an essential but outdated legislation, which currently restricts many industry specialists like ourselves from carrying out crucial threat intelligence work. Cybersecurity is a global issue, so it’s vital that the UK is able to compete on a level playing field with our international colleagues.”
The act was last amended five years ago, causing some severe worries.
source theregister
Industry: Cyber Security
![Banner Default Image](https://www.dclsearch.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBdytMRGc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--683221fba4088f48e5f9c99e2719b73064c09cee/banner-default.jpg)
Latest Jobs
-
- Network & Security Consultant
- Spain
- Upto €54000 per year and benefits
-
Senior Network & Security Engineer to join a Managed Network & Security Team in Europe. In this critical role, you will: Play a pivotal role in managing and securing network infrastructure across datacenters, customer connections, and on-premise deployments. Proactively monitor network and security devices, analyse incidents, and implement solutions to ensure optimal performance and security. Collaborate with colleagues and customers to troubleshoot issues, troubleshoot outages, and implement effective resolutions. Lead and participate in network system installations for new facilities and expansions. Develop and maintain network infrastructure procedures, recommend technical strategies, and propose improvements to enhance network capabilities. Stay up-to-date on the latest network and security technologies and trends. Work as part of a collaborative international team, contributing to team presentations and knowledge sharing. To be successful, you'll need: Proven expertise in Cisco network solutions (CCNP R&S/Sec/Wireless preferred)for both BAU and project work. In-depth knowledge of network security principles and experience with Fortinet firewalls. Experience deploying and managing large, complex network infrastructure (routing, switching, wireless, security). Solid understanding of ITIL v3 framework for incident, change, and problem management. Excellent troubleshooting skills with experience using Wireshark or similar protocol analysers. Strong communication and teamwork skills, with the ability to work independently and collaborate effectively.
-
- Security Analyst - Internal role. London commutable. £50,000
- London
- £50,000
-
Security Analyst - Internal role. London commutable opportunity. Operational Security - Investigate, escalate and proactively work to ensure household name remains protected. Project Security - Coordinate, log change requests with project delivery teams to meet security requirements Policy / compliance - work with team to aid in uplifting these as and where needed This role is role to investigate, escalate and proactively work to protect a globally recognised brand. You must have current hands on operational analytical security experience with Microsoft technology stack Someone with a SOC Analyst / security engineering background would be well suited. This position will join a small team and would suit someone that has broad experience across the security threat landscape. Experience / knowledge across industry GRC standards such NIST, ISO27001 etc would be advantageous. You will work across multiple teams proactively working to secure the business. Must be able to commute to Central London 3 days a week. Visa sponsorship not available Apply today to find out more.
-
- Network & Security Consultant
- Romania
- €54000 plus benefits
-
Senior Network & Security Engineer to join a Managed Network & Security Team in Europe. In this critical role, you will: Play a pivotal role in managing and securing network infrastructure across datacenters, customer connections, and on-premise deployments. Proactively monitor network and security devices, analyse incidents, and implement solutions to ensure optimal performance and security. Collaborate with colleagues and customers to troubleshoot issues, troubleshoot outages, and implement effective resolutions. Lead and participate in network system installations for new facilities and expansions. Develop and maintain network infrastructure procedures, recommend technical strategies, and propose improvements to enhance network capabilities. Stay up-to-date on the latest network and security technologies and trends. Work as part of a collaborative international team, contributing to team presentations and knowledge sharing. To be successful, you'll need: Proven expertise in Cisco network solutions (CCNP R&S/Sec/Wireless preferred) for both BAU and project work. In-depth knowledge of network security principles and experience with Fortinet firewalls. Experience deploying and managing large, complex network infrastructure (routing, switching, wireless, security). Solid understanding of ITIL v3 framework for incident, change, and problem management. Excellent troubleshooting skills with experience using Wireshark or similar protocol analysers. Strong communication and teamwork skills, with the ability to work independently and collaborate effectively.
-
- Network & Security Consultant
- Hungary
- Upto €54000 per year and benefits
-
Senior Network & Security Engineer to join a Managed Network & Security Team in Europe. In this critical role, you will: Play a pivotal role in managing and securing network infrastructure across datacenters, customer connections, and on-premise deployments. Proactively monitor network and security devices, analyse incidents, and implement solutions to ensure optimal performance and security. Collaborate with colleagues and customers to troubleshoot issues, troubleshoot outages, and implement effective resolutions. Lead and participate in network system installations for new facilities and expansions. Develop and maintain network infrastructure procedures, recommend technical strategies, and propose improvements to enhance network capabilities. Stay up-to-date on the latest network and security technologies and trends. Work as part of a collaborative international team, contributing to team presentations and knowledge sharing. To be successful, you'll need: Proven expertise in Cisco network solutions (CCNP R&S/Sec/Wireless preferred) for both BAU and project work. In-depth knowledge of network security principles and experience with Fortinet firewalls. Experience deploying and managing large, complex network infrastructure (routing, switching, wireless, security). Solid understanding of ITIL v3 framework for incident, change, and problem management. Excellent troubleshooting skills with experience using Wireshark or similar protocol analysers. Strong communication and teamwork skills, with the ability to work independently and collaborate effectively.