The New Kid in Class
While resources have emerged for corporate general counsels and practicing lawyers to learn more about cybersecurity, law schools are also making changes to their curriculum to give students opportunities to learn about cybersecurity and technology as part of their overall legal education.
Law schools such as Columbia, Georgetown, the University of Maryland, and Seton Hall have added cybersecurity courses. At the Indiana University Maurer School of Law, cybersecurity is being taught in two courses for law students—one focused on national defense and intelligence, the other focused on private sector and critical infrastructure.
For students who wish to specialize in this area, the school is also offering expanded curriculum in six to eight additional courses that apply to cybersecurity. For example, the Maurer School made arrangements with the university’s business school to teach risk management and with the informatics school to teach introductory courses geared towards law students.
Through this curriculum, students get a chance to learn about the architecture of networks and computer systems to give them the vocabulary they need to speak to technology professionals.
The school is also taking a hands- on approach by creating a network against which students can launch cyberattacks. “The idea is to give them some practical experience and understanding of what they’re otherwise just talking about at a sort of high-level policy,” says Fred Cate of the Maurer School.
Along with enhancing technology classes for law students, the school is also focusing on teaching students how to communicate with others in the corporate sector. For example, last year the school hosted its first security and privacy practicum taught entirely by chief security officers, chief privacy officers, and chief information security officers from industry and government.
“They taught about the substance of these issues, but they also taught a lot about the skills you need—like working in a team, being able to persuade rather than compel people to do something, how to build consensus around a change that might heavily impact other business units,” Cate adds.
This approach to curriculum addresses the skills that Harvey Rishikof, chair of the American Bar Association (ABA) Standing Committee on Law and National Security, says modern lawyers will need in the future.
“The modern lawyer is going to have to have a sense of the current and a sense of currency about what the regulations and the rules are inside the cyberspace for their firms or for their clients,” according to Rishikof.
As the cochair of the ABA Cybersecurity Legal Task Force, Rishikof says this approach is necessary to meet the demands of cybersecurity law.
“I see in the future more and more interaction between the disciplines of law, business, and computer science,” Rishikof explains. “We have to help educate the next generation to have a sound familiarity in the three areas because of how intertwined they are.”