Georgia governor vetoes controversial cybersecurity bill

A controversial cybersecurity bill was vetoed by Georgia's governor this week after pressure from Microsoft and Google. Plus, IBM banned USB drives, and more. Georgia Governor Nathan Deal vetoed a cybersecurity bill this week that would have criminalized unauthorized computer access but granted exceptions for "hacking back." Senate Bill 315 was passed Georgia's General Assembly in April, and it received the attention of critics who said the cybersecurity bill would enable private companies to hack into other networks. Executives from Google and Microsoft also expressed opposition to the bill because a provision would grant exceptions for "active defense measures" that would make it more difficult to secure enterprise systems. "Georgia codifying this concept in its criminal code is potentially a grave step that has some known and many unknown ramifications for technology companies, the tech community at large, and any company with a computer network," Google's Ron Barnes and Microsoft's Ryan Harkins wrote in a letter to Deal opposing the bill. The executives argued the provision would give companies and individuals the right to "hack back." "Network operators should indeed have the right and permission to defend themselves from attack, but, before Georgia endorses 'hack back' authority in 'defense' or even anticipation of a potential attack with no statutory criteria, it should have a much more thorough understanding of the ramifications of such a policy," Barnes and Harkins wrote. "Provisions such as this could easily lead to abuse and be deployed for anticompetitive, not protective purposes." Following the feedback from industry experts, Deal vetoed Senate Bill 315.