Posts by Harley Geiger

3 min Public Policy

Rapid7 Joins Statement On DMCA Lawsuits Against Security Tools

Rapid7 joined a statement from cybersecurity community members urging against the use of Section 1201 of the DMCA to suppress security tools and technologies.

9 min Public Policy

Proposed security researcher protection under CFAA

Rapid7 views independent cybersecurity research and the security community as important drivers for advancing cybersecurity for all, a core value for Rapid7. One way we take action on this value is by supporting protection for security researchers acting in good faith.

2 min Public Policy

Supreme Court narrows CFAA

The Supreme Court interprets the CFAA narrowly. This avoids over-criminalizing cybersecurity research and commonplace internet activity, though it may raise concerns about insider threats.

6 min Public Policy

How the Biden Administration's cybersecurity order will affect companies

The Biden Administration's Executive Order will create new software security and cyber incident reporting requirements for federal contractors.

7 min Public Policy

Calling for cybersecurity in infrastructure modernization

Rapid7 issued a group letter urging the Biden Administration and Congress to work together to integrate cybersecurity into infrastructure legislation.

6 min Public Policy

Overview of the EU’s draft NIS 2 Directive

The EU Commission proposed revisions to its NIS Directive that would enhance cybersecurity requirements on critical infrastructure-like organizations in the EU. This post provides an overview of the proposed revisions.

4 min Public Policy

Principles for personal information security legislation

Rapid7's principles for laws to protect personal information: 1) Strong but flexible security requirements; 2) Security exemptions from privacy restrictions; 3) State preemption without undermining cybersecurity.

2 min Public Policy

Congress unanimously passes federal IoT security law

Congress passed a law to secure federal procurement and use of IoT devices, and require contractors to adopt coordinated vulnerability disclosure processes.

3 min Ransomware

Ransomware Payments and Sanctions - U.S. Treasury Advisory

The U.S. Department of Treasury issued an advisory warning that paying ransoms to cybercriminal groups risks violating sanctions. Rapid7 has previously recommended that victims not pay ransom, and urges organizations to focus on ransomware prevention and recovery.

5 min Public Policy

A step closer to stronger federal IoT security

The US House passed the IoT Cybersecurity Improvement Act, which would require federal procurement and use of IoT devices to conform to basic security requirements.

2 min Public Policy

Rapid7 joins CFAA brief to the Supreme Court

Should it be a federal hacking crime to disobey your workplace computer use policy, or a website's terms of service? A broad interpretation of the CFAA would have far-reaching legal implications for beneficial security research and even ordinary internet behavior.

2 min COVID-19

Resources on the Main Street Lending Program to Support Small and Mid-Sized Businesses

The recent stimulus legislation - the “CARES Act” - allocated up to $600 billion for a new Main Street Lending Program to provide relief to small and mid-sized businesses impacted by the COVID-19 pandemic. Here are some resources on the program.

3 min COVID-19

Financial resources for small businesses grappling with COVID-19

Congress recently passed the CARES Act to help American businesses during the COVID-19 pandemic. The CARES Act established several assistance programs for small businesses. This post provides an overview of these programs, with links to additional information.

4 min Public Policy

Cybersecurity Vulnerability Disclosure in Trade Agreements

Modern trade agreements should incorporate cybersecurity vulnerability disclosure. Here are Rapid7’s thoughts on how to do that and why.

5 min Public Policy

Hackers On The Hill - Slides and recap on cybersecurity policy

Recap of a presentation on the state of public policy related to cybersecurity and hacking from Hackers On The Hill 2020.