Breach, Data Security

FireEye first cybersecurity firm awarded DHS SAFETY Act certification

The Department of Homeland Security (DHS) certified two FireEye technologies under the SAFETY Act this week, making it the first cybersecurity company to have some of its products shielded from liability claims.

FireEye's Multi-Vector Virtual Execution engine and Dynamic Threat Intelligence cloud platform will be certified until April 30, 2020, DHS announced on its SAFETY Act website. The certification means FireEye customers are protected from lawsuits or claims that the company's products failed to prevent an act of cyber terrorism, if an attack were to happen. The technology will also be placed on an "approved products list" for Homeland Security.

The SAFETY Act, enacted as part of the Homeland Secure Act of 2002, provides “incentives for the development and deployment of anti-terrorism technologies by creating a system of ‘risk management' and a system of ‘litigation management,'” according to a FAQ page on the Act published by DHS.

Attorney Brian Finch, a legal expert on SAFETY Act concerns who also serves as outside counsel for FireEye, told SCMagazine.com in a Friday interview that the company worked for nearly a year to complete its application and receive approval. Finch, a partner at Pillsbury Winthrop Shaw Pittman LLP's public policy practice, explained that after seven months of assembling the application, DHS reviewed it over the course of four months with multiple inquiries to receive more information from FireEye. The company had to prove that its technology had been working in the real world and demonstrate that it would remain top of the line for years to come, Finch said.

Alexa King, FireEye's senior vice president, general counsel and secretary since April 2012, told SCMagazine.com on Friday that, "this certification is not only validating that customers who buy our products get an additional layer of protection and security, but also providing them with an additional layer of security with regard to legal fees."

DHS declined to respond to an inquiry as to whether other cybersecurity companies were pursuing this certification.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.