CERIAS Security Seminar: The Need for Legal Education within a Cybersecurity Curriculum

The Center for Education and Research in Information Assurance and Security
September 22, 2021
4:30 PM - 5:30 PM
Zoom

Description

Speaker:
Paula deWitte
Texas A&M University

Abstract:

Anecdotally, most cybersecurity curricula is based on the technical aspects of protecting, defending, and responding to cyber attacks.  While these courses establish a solid foundation in the technical aspects of cybersecurity, what is often missing is establishing a foundation in cybersecurity law. Every individual who puts their hands on a keyboard operates within an uncertain ethical and legal framework. What we do not need is the type of education to produce more lawyers, but rather the type of education to produce more legal-savvy technical workers. Today’s tech workers are exposed to more personal information as well as intellectual property – both targets in cyber attacks. They are expected to protect critical infrastructure and design with security “built in.” Yet, we do a poor job teaching the legal requirements as well as limitations imposed by law on building in privacy protections.

For the past four years, the speaker has taught Cybersecurity Law & Policy to several hundred computer science and engineering students as well as those from business, architecture, technology management, and government policy. I began this course by conducting a data analytics exercise on the NIST NICE Framework to determine what work roles require legal training. The results were quite surprising as even very technical roles such as Threat Analysis and System Architecture require knowledge of laws, policies,and ethics as they relate to cybersecurity and privacy as well as knowledge of investigations.  The feedback from graduating students who take on cybersecurity roles is that they are uniquely qualified to understand the necessity of compliance within their respective roles.

This presentation will discuss the basis for legal education as well as a roadmap for how to incorporate such legal education within a cybersecurity curriculum to build the workforce necessary for the current cybersecurity environment.

About: Paula S. deWitte, J.D., Ph.D,. P.E., is an Associate Professor of Practice in the Computer Science and Engineering Department at Texas A&M University, College Station and the Maritime Business Administration Department at Texas A&M University, Galveston where she is building the maritime cybersecurity program. As well, she is an Adjunct Professor of Law at the Texas A&M University Law School, Fort Worth.  She is a licensed attorney (Texas) and a registered patent attorney (USPTO). She holds a Bachelors and Masters from Purdue University where in 2015 she was honored as the Distinguished Alumna in the Department of Mathematics, School of Science.  She obtained her Ph.D. in Computer Science from Texas A&M University (1989) and a law degree from St. Mary’s University (2008).  She holds a patent on drilling fluids optimization [US Patent US 8812236 B1]. She teaches Cybersecurity Law, Cybersecurity Risk, and Marine Insurance Law. Her research interests are in those areas as well as in building resilient systems especially in the supply chain.

The weekly security seminar has been held every semester since spring of 1992. We invite personnel at Purdue and visitors from outside to present on topics of particular interest to them in the areas of computer and network security, computer crime investigation, information warfare, information ethics, public policy for computing and security, the computing "underground," and other related topics. More info

Contact Details

Event Website

https://www.cerias.purdue.edu/news_and_events/events/security_seminar/details/index/2v26o8rsjtas2i6oeljo5mfmks@google.com

Add to calendar