Everyone Is Thinking about It
| Author | Donna P. Suchy |
| Position | Donna P. Suchy is chair of the ABA Section of Intellectual Property Law. She is managing counsel, intellectual property, at Rockwell Collins in Cedar Rapids, Iowa. At Rockwell Collins, she is responsible for developing and implementing patent corporate strategy, litigation, due diligence, and advising corporate management on the legal and... |
| Pages | 3-10 |
Published in Landslide® magazine, Volume 9, Number 3, a publication of the ABA Section of Intellectual Property Law (ABA-IPL), ©2016 by the American Bar Association. Reproduced with permission. All rights reserved. This
information or any portion thereof may not be copied or disseminated in any form or by any means or stored in an electronic database or retrieval system without the express written consent of the American Bar Association.
The devices, instruments, and
technology we use today are
increasingly complex, and the
huge amount of data generated is difcult
to comprehend—and even more difcult
to protect. Cybersecurity is on everyone’s
minds, and it’s especially on the minds of
lawyers and those we represent.
In the aviation industry, for exam-
ple, one aircraft generates hundreds of
gigabytes of sensor data per day. Global
mobile data trafc grew 74 percent in
2015 and reached 3.7 exabytes per month
at the end of 2015. Mobile data traf-
c has grown 4,000-fold over the past 10
years and almost 400 million-fold over
the past 15 years.1 To put this in perspec-
tive, ve exabytes will store all the words
ever spoken by human beings. Tom Lan-
dauer estimated that the brain holds about
200 megabytes of information. For exam-
ple, in 2015 we were exchanging more
than three times the brain capacity of the
world’s population monthly, and over the
course of a year, more than 36 times the
total memory of humans alive.2 Corpora-
tions and law rms transmit exabytes of
sensitive data worldwide every second that
are exposed to misuse and theft by anyone
who can access the Internet. The challenge
is to use technology for good not evil, by
using the latest technological develop-
ments to protect data from illegal hacking.
In April 2016, an American Bar
Association (ABA) meeting and arti-
cle3 studied the threat to law rms.
Over the past few years, law rms have
fallen victim to simple, easily prevent-
able data breaches.4 Those of us who
have practiced in this area are familiar
with terms such as bruiting, password
hashes, malware, phishing, reverse
shells, and SQL injection attacks. Dan-
gers can come from many places,
including organized crime, cyber
thieves, hackers, malicious insiders, and
busy or careless employees. Malicious
actors use phishing e-mails, phones,
websites, equipment, smart devices,
wearable devices, and software.
In order to keep up with these
threats, attorneys and all legal pro-
fessionals must rst understand the
technology they use and understand
the technical standards designed by the
IT community to ght cybersecurity
threats. Then we should work together,
in our organizations and in the legal
forums, to team up and fast track laws
that will impact our corporations and
rms and their ability to prevent “cyber
misuse” and hacking.
Some Background
There are a number of federal agencies
working hard to help protect our com-
panies and rms from cyberattacks.
Currently, the FBI is responsible for coor-
dinating effective responses in America
by investigating high-tech crimes, includ-
ing cyber-based terrorism, espionage,
computer intrusions, and major cyber
fraud. The FBI will continue to gather
and share information and intelligence
with public and private sector partners
worldwide as long as it receives effective
updates from the rms and corporations.5
The U.S. Securities and Exchange Com-
mission (SEC) adopted Regulation S-ID6
in 2013 to protect individuals’ nonpub-
lic personal information (NPI). The SEC
requires consideration of cybersecurity
risks. As part of the Cyber Intelligence
Sharing and Protection Act of 2013, the
Department of Homeland Security (DHS)
was designated as the lead civilian federal
entity to receive cyber threat information.
Prior to 2013, cybersecurity threats
put condentiality, integrity, and avail-
ability of critical services at risk. The
DHS, along with its government and
private sector partners, was tasked with
countering cyber threats while sup-
porting a cyber ecosystem that is open,
transparent, and less vulnerable to
manipulation. On May16, 2013, the
DHS National Cybersecurity and Com-
munications Integration Center (NCCIC)
announced plans to protect critical U.S.
infrastructure from cyberattacks by
coordinating private sector cyber threat
information sharing. The NCCIC contin-
ues to provide comprehensive and robust
information sharing, incident response,
technical assistance, and analysis capa-
bilities to private sector, government,
and international partners.7
After 2013 and the formation of
the NCCIC, U.S. corporate attorneys
became much more aware of the danger
cyber theft posed to their organizations.
The federal government studied these
issues and consolidated the responsibil-
ity in specic teams reporting directly
to top management, as a well-pro-
tected organization is less likely to be
victimized and stands to attract more
security-aware customers as it is bet-
ter positioned to deliver services with
effective and secure technology. The
advice of cross-disciplined teams usu-
ally includes both corporate attorneys
and IT specialists because both legal
and technical issues are involved.8
Law Firms Are Targets
One investigation of a Russian cyber theft
revealed that 13 of the top 15 most pres-
tigious law rms were on a list of targets.
Why did the hackers focus on corporate
law rms and not on other groups? One
Donna P. Suchy is chair of the ABA Section of Intellectual Property Law. She is managing
counsel, intellectual property, at Rockwell Collins in Cedar Rapids, Iowa. At Rockwell
Collins, she is responsible for developing and implementing patent corporate strategy,
litigation, due diligence, and advising corporate management on the legal and operational
implications of IP laws. She can be reached at donna.suchy@rockwellcollins.com.
Perspective
By DonnaP. Suchy
Everyone Is Thinking about It
Continued on page 7
To continue reading
Request your trial