Peter Swire: Will Processing CTI Become Legally Risky?

Professor Peter Swire, J.Z. Liang Chair of the School of Cybersecurity & Privacy and Professor of Law and Ethics in the Scheller College of Business joined the Studio 471 Podcast for a discussion about how cybersecurity may be affected by strict privacy rules.

From Intel471.com:

An increasing number of regulations in different countries and regions require data to be processed locally for privacy and national security reasons. But these regulations have potential negative impacts on cybersecurity, such as limiting the sharing of information useful for threat hunting and penetration testing. For example, Europe’s General Data Protection Regulation considers IP addresses – a common indicator of compromise – as personal data. Since 2021, Professor Peter Swire of Georgia Tech’s College of Computing has led a team that has published two papers (linked below) studying the effects of data localization on the provision of cybersecurity services. In this Studio 471, Swire discusses the regulatory environment, how it could impact the use of cyber threat intelligence and what could be done to ensure attackers don’t leverage these changes to their advantage.