Human Factors in Information-Age Trade Secret Protection

[Excerpt] Trade secret information security involves a multi-dimensional array of human, legal, and technological factors. I argue that organizational culture, employee policies, and other human factors are fundamental prerequisites to the successful implementation of legal and technological security measures. After a brief introduction to trade secret law for the nonlegal reader, I present an overview of trade secret litigation and an analysis of computer hacking strategy to emphasize the extent to which the legal and technological dimensions of trade secret information security are predicated on human factors. I conclude with a discussion of how human resource policy can engender cultural sensitivity to trade secrets and mitigate the risk of information leakage

Case Study on an Investigation of Information Security Management among Law Firms

The integrity of lawyers trust accounts as come under scrutiny in the last few years. There have been many incidents of trust account fraud reported internationally, including a case in Australia, where an employee of a law firm stole $4,500,000 from the trust funds of forty-two clients. Our study involved interviewing principles of ten law companies to find out solicitors’ attitudes to computer security and the possibility of breaches of their trust accounts. An overall finding highlights that law firms were not current with technology to combat computer crime, and inadequate access control was a major concern in safeguarding account data. Our conclusions revealed the urgent need for law firms to adopt security controls, implement information security policies and procedures and obtain cooperation from management to communicate these policies to staff

Vol. 32, No. 8, October 26, 1983

•Faculty Finds Right Stuff in Krier and White •Security Tightened; I.D.s Checked •Dunn Reviews BLSA Activities •Law Review Staff Eats, Listens •BLSA President Reveals Student Role in Recruiting •Notices •Security Guards Must Cool Out •Computer Criminals Exploit Anonymity •Crossword •Byrd, Davis, Monk & Coltrane: Hiring? •Pros, (Ex)Cons of Law School •Law in the Ra

Trust Account Fraud and Effective Information Security Management

The integrity of lawyers’ trust accounts has come under scrutiny in the last few years. There are strong possibilities of information technology security breaches happening within the firms, either accidental or deliberate. The damage caused by these security breaches could be extreme. For example, a trust account fund in an Australian law firm was misused in a security breach in which Telstra charged A$50,000 for phone usage, mainly for ISD calls to Hong Kong. Our study involved interviewing principals of ten law companies to find out solicitors’ attitudes to computer security and the possibility of breaches of their trust accounts. We simultaneously carried out a survey to see if the trends identified in our case-studies could be backed up with broader quantitative data. We have also conducted in-depth interviews of five trust account regulators from the Law society of South Australia to know their view points on security threats on trust accounts. An overall finding highlights that law firms were not current with technology to combat computer crime, and inadequate access control was a major concern in safeguarding account data. Our conclusions revealed the urgent need for law firms to adopt security controls, implement information security policies and procedures and obtain cooperation from management to communicate these policies to staff

Cyber Operations and the Jud Ad Bellum Revisited

The article discusses the international law\u27s governance of cyber operations as of July 2011, focusing on the application of Article 2(4) of the United Nations (UN) Charter and customary international law to cyber operations, as well as the UN Security Council\u27s potential role as an enforcement agency in regards to computer network security threats. The U.S. Cyber Command (USCYBERCOM) is also mentioned

Cyberterrorism: A postmodern view of networks of terror and how computer security experts and law enforcement officials fight them.

The purpose of this study is to investigate how cyberterrorists create networks in order to engage in malicious activities against the Internet and computers. The purpose of the study is also to understand how computer security labs (i.e., in universities) and various agencies (that is, law enforcement agencies such as police departments and the FBI) create joint networks in their fight against cyberterrorists. This idea of analyzing the social networks of two opposing sides rests on the premise that it takes networks to fight networks. The ultimate goal is to show that, because of the postmodern nature of the Internet, the fight between networks of cyberterrorists and networks of computer security experts (and law enforcement officials) is a postmodern fight. Two theories are used in this study: social network theory and game theory.This study employed qualitative methodology and data were collected via in-depth conversational (face-to-face) interviewing. Twenty-seven computer security experts and law enforcement officials were interviewed. Overall, this study found that cyberterrorists tend not to work alone. Rather, they team up with others through social networks. It was also found that it takes networks to fight networks. As such, it is necessary for experts and officials to combine efforts, through networking, in order to combat, let alone understand, cyberterrorist networks. Of equal relevance is the fact that law enforcement agents and computer security experts do not always engage in battle with cyberterrorists. They sometimes try to interact with them in order to obtain more information about their networks (and vice versa). Finally, four themes were identified from the participants' accounts: (1) postmodern state of chaos, (2) social engineering, (3) know thy enemy, and (4) the enemy of my enemy is my friend

The Law and Economics of Cybersecurity: An Introduction

One of the most controversial theoretical issues of our time is the governance of cybersecurity. Computer security experts, national security experts, and policy analysts have all struggled to bring meaningful analysis to cybersecurity; however, the discipline of law & economics has yet to be fully applied to the issue. This introduction presents work by leading national scholars who examine this complex national security challenge from a law and economics perspective. The focus spans from a discussion of pure market solutions to public-private issue analysis, providing a valuable basis for policy considerations concerning the appropriate governmental role on the issue of cybersecurity