As Risks Mount, Lawyers Take On Security Roles
Professor Dan Siciliano explains why lawyers can make really good CSOs and CISOs with The Recorder's David Ruiz.
The job of chief security officer is getting an upgrade.
In-house counsel, private practice attorneys and legal recruiters say they are seeing more lawyers in expanding CSO roles as companies update their C-suite lineups to deal more effectively with the costly and increasingly commonplace threats posed by hacks, breaches and the misuse of customer and corporate data.
Today's chief security officer must understand the technology used to prevent data breaches. But companies are also looking to this role—whether packaged as a CSO, chief trust officer, chief information security officer, or even digital risk officer—to quarterback enterprise-wide security measures before and after experiencing the nightmare scenarios seen at companies like Sony, Target, Anthem Health and others in recent months. In April, Uber Technologies hired Joe Sullivan as its first chief security officer. Sullivan, who had that title at Facebook, started his career as a federal prosecutor before joining the security team at eBay in its early years.
...
Stanford Law School professor F. Daniel Siciliano said that lawyers are more readily trained to work with multiple groups and explain complicated items to many people.
"Lawyers make really good CSOs and CISOs because they're really good communicators," Siciliano said. "Obviously a CISO has to have serious tech knowledge, but given a lawyer has that, they can bridge the knowledge gap that even the brightest tech genius might fall short at."