Does cyber warfare require a new set of international laws, or are the laws in the Tallinn Manual sufficient?

New laws should be written for cyber warfare50%

Laws in the Tallinn Manual are sufficient26%


Other (please share below)2%


545 views1 Comment

Director, Information Security in Education, 1,001 - 5,000 employees
While I think laws addressing cyber warfare are substantially better than the status quo of slapping together additional laws against domestic hacking (regardless of how “big” of an issue that may be), in practice I don’t think they’d really be enforced or amount much and would ultimately be more performative.

Threat actors, if they change behavior at all, would simply alter what they do just enough to maintain plausible deniability in attribution.

Far more effective, and enforceable, would be holding companies and government agencies to standards for protecting data and reporting breaches. If hacking is already illegal, additional laws won’t deter them as much. If a huge corp has to spend some money on security, the biggest consequence for them is their earnings per share may be slightly lower.

Content you might like

Cyber insurance with ransomware coverage44%

Law enforcement contact(s)44%

Ransomware response plan60%

Ransomware task force/team39%

Bitcoin account for ransomware payments14%

Disaster recovery site33%

Other (comment below)1%



Fraud mitigation19%

Protection of reputation and brand56%

Protection of consumer data19%

Regulatory or compliance requirements6%



CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
42.2k views131 Upvotes319 Comments