I’ve mentioned before that the focus of this doctoral program I am nearing completion with is focused on cyberspace law in the federal and international law sectors. There are a few things about what I have learned that are hysterical from my particular perspective. First, these technology courses I am participating in are really almost rudimentary in nature. I’m being kind when I say rudimentary. I had similarly constructed coursework for my bachelors level coursework back-in-the-day. Now, I’ve always been aware that the almost universal law in the universe is that lawyers are “tech-tards” and this has been one of the catalysts for my interest in law school. I think it would be great to practice law with my sights on corporate anywhere keeping them honest or else shredding those that would attempt to hide their crimes behind technology. Trust me when I say that I’ve seen plenty of it in my career! There is a parallel I’ve become aware of and it is that in my vocation as a security practitioner, there are others in the field who “play doctor” but are not truly qualified because they lack both the experience and the critical thinking skills unique to bona fide security experts. Similarly, there are lawyers who “play doctor” and pretend to understand information security challenges such as digital forensics just because they care able to successfully use an email application or browse Westlaw.com. If lawyers are going to be competent within the cyberspace arena, part of the current or post degree curriculum must include technology courses covering forensic investigations, technology architecture, database design, application assessment, vulnerability assessment, software development life cycles, change control and internet-working concepts.

The second point is zeroed in on those technology courses. There are effectively just two courses concentrated on technology that would give anyone earning their doctorate level technology law degree. I suggest to you that we are perpetuating a race of legal tech-tards. I challenge the education system to raise the bar, pun intended, and either augment the curriculum with the coursework I mentioned above, or require pre-qualification into those areas prior to admitting anyone into cyberspace law. Doctors are not allowed to operate unless they are licensed surgeons right? Lawyers should not adjudicate cases dealing with technology based crimes unless they are licensed in the information security arts or at least have qualified geeks on the payroll who are stunt doubles.

Time will tell whether or not I am “Playing Doctor” in the legal arena but I am very confident in the information security space I’ve made a career from.