The need for law & policy expertise in an effective cyber workforce
The sixth annual Cyber MD conference was a success, bringing together customers, vendors and speakers including the heads of NSA, DISA and Secretary Chertoff.
The need to address people, process AND technology for effective cyber security was a recurring theme among keynote speakers and panelists.
One of the panels addressed the growing importance of technical and non-technical skills in an effective cyber workforce with a special focus on the importance of legal and policy expertise in the cyber security field.
The panel was a lively one on closing the gap between lawyers and technologists.
Many questions were taken from the floor, especially around the new area of cybersecurity law and policy training, for example, in certificate, Masters, JD and LLM programs from U-Maryland Law.
Another theme of the conference was the graver potential consequences of cyber attack to IoT systems with the potential for property damage, bodily injuries and even deaths.
Imagine the consequences of DDOS or ransomware attack on computers controlling medical devices, public or fleet vehicles on the roads, or industrial infrastructure, from power plants to dams.
Legal and policy questions in general and cyber security in particularly are especially important with emerging technology and early markets.
Legal, regulatory and privacy concerns aren't simply business as usual compliance questions for companies like Uber, Airbnb or Google's Nest but potentially existential ones as society, cities, industries and lifestyles are transformed by new norms of transport, accommodation and living space management created by new technologies and the new types business models they enable.
In a recent NPR interview, the head of AirBnB talked about legal push back being part and parcel of innovation, from ATM machines, to VCR recorders, to cars, all of which were strongly opposed in the beginning.
Even for mature companies in mature markets, geopolitical events such as the collapse of "Safe Harbor" or the UK's "Brexit" can upends business and technology decisions around cloud architectures.
The rise of end-to-end encryption and its effect on law enforcement and national security is an ongoing societal debate that closely ties to law and policy, with even the WSJ now caveating reviews of new smartphones such as the Google Pixel with discussions of their data privacy handling.