What Common Law and Common Sense Teach Us About Corporate Cybersecurity

This Note examines the challenges of corporate cyberdefense and suggests an approach to mitigate them. Part I outlines the background of the corporate cyberdefense quandary and various cyberdefense strategies. Part II explores the current landscape of cybersecurity law in the United States and the regulatory infrastructure that governs cybercrimes. Part II also surveys case law that illustrates the legal loopholes and ambiguities corporations face when implementing cybersecurity measures. Finally, Part III argues that the proposed active defense model fails to comport with practical concerns and established legal principles. This Note’s comparative analysis of common law ‘defense of property’ principles and corporate cyberdefense provides a framework from which the Federal Communications Commission, in conjunction with the Cyber Threat Intelligence Integration Center, should promulgate sensible and legally-sound corporate cyberdefense guidelines.