John Carlin spoke to Cybersecurity Law Report for a Q&A that covers the Department of Justice’s (DOJ) recent guidance that addresses the growing market for cyber threat intelligence services, discussing its tips and suggested practices, compliance programs for threat research efforts, and shifting expectations around corporate interactions with the dark web.
According to John, the DOJ issued this guidance because “it was hearing from counsel and from companies that wanted to go into the business of gathering threat intelligence, and from victim companies wondering whether they could hire third parties to search for and collect information on the dark web.”
“The DOJ wanted to clarify the permitted practices for the sector, and encourage companies that are committed to compliance to enter this space in a safe way.”
Read the full article.