
Legally Defensible Security

Information systems and online businesses regularly fall victim to malicious acts by competitors, mafias or unhappy employees. When this happens, the victim has a legal obligation (under the National Security Framework or the GDPR) to report what happened to the competent authority. This authority does not try to “catch the bad guy” in order to make the victim whole; it looks for and tries to understand patterns, campaigns and/or techniques of widespread malicious acts, and tries to cut them off and prevent them as effectively as possible.

But if your business has been robbed or broken into, the damage is done: it is going to be very difficult to find the perpetrator, let alone bring him before a judge, let alone have him convicted and ordered to return what he stole.

This is the context for the security concept of “Legally Defensible Security”. Given the value of the information assets that more and more companies manage, it is becoming more popular and more widely implemented. Let’s get to it.

The point of security is to keep bad things from happening while supporting the occurrence of good things. When bad things do happen, organizations often want assistance from law enforcement and the legal system to obtain compensation. To obtain legal restitution you must demonstrate that a crime was committed, that the suspect (assuming you find him) committed that crime, and that you made reasonable efforts to prevent the crime. This means your organization’s security needs to be legally defensible.

If you are unable to convince a court that your log files are accurate and that no person other than the subject could have committed the crime, you will not obtain restitution. Ultimately, this requires a complete security solution that has strong multi-factor authentication techniques, a solid authorization mechanism, and impeccable auditing systems.

Additionally, you must show that the organization complies with all applicable laws and regulations, that proper warnings and notifications were posted, that both logical and physical security were not otherwise compromised, and that there are no other possible reasonable interpretations of the electronic evidence. This is a fairly challenging standard to meet. Thus, an organization should evaluate its security infrastructure and redouble its efforts to design and implement, even little by little, legally defensible security.

Author: Javier Jiménez (LinkedIn)

Optimist. Futurist. Entrepreneur. Cloud & Cybersecurity Expert at

Javier Jiménez @ Mars Explorers Wanted
