The Defendant, The State of Maine, utilized a fairly unheard of legal principle, the “Neighbor Policy”. Defense argued that AT&T and WorldCom, both telecommunication providers like Verizon, applied the patches as recommended by Microsoft and neither of these parties filed suit because they were not harmed. This information was utilized to attack Verizon’s claim and the judge not only found in favor of the defendant but also went on record to state that these types of attacks are foreseeable and preventable.
Even though the defense won, they lost. Consider how much money was spent on legal representation in protecting their position? Still think you’re ready for court? Given the United States current legal landscape and what is now being framed for certain case law, perhaps the use of legal counsel should be rethought. Rather than rely on legal representation post facto, consider utilizing it preemptively while designing, managing and executing your business’ security posture. If in-house counsel is not trained or experienced enough in understanding this critical area, it is then wise to utilize independent legal representation.
Very few law firms specialize in this area, and only a handful or attorneys are skilled enough as litigators in information security. Because of this the legal community is rapidly embracing information security and understands a market exists for such practices. In fact, the American Bar Association has printed materials for standards on this subject matter. Rather than conduct business as usual and rely on the odds - which are not in your favor. It would be wise to understand that the cost of defining why you shouldn’t or cannot afford to apply prudent security strategies often equals or surpasses why you should. Hackers are no longer interested in the spectacle of breaching a system and winning praise from peers. The hackers of today are more organized, better funded, work in groups without national boundaries, including organized crime, and are setting their sites on you.
Still think you’re ready to go to court?
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.