Chinook wrote: » If you follow the world of hacking you'll see there are a few very well known names who defend the hackers, constitution, etc. From what I understand they do it because they believe in the adage "innocent until proven guilty" and they're not getting rich. Beyond that, I think that overall it's a great choice. Computer security laws are ages old and need to be re-written. There is a cyber war going on out there and legal advice makes a great deal of sense even if just for the pen-testing community.
beads wrote: » @Clm; If you broadened your legal horizons to include investigative legal services I think you'd find a much larger audience. Most large, if not all global, legal practices have investigative lawyers working for forensics experts and such. These people do tend to spend a great deal of time doing two things: preparing to go to court and sitting in court. The general rule is 8 hours of preparation for every 1 hour in court. For the forensics examiner it’s generally two weeks of investigation, one week of report writing and one hour in court - per case. I have done this type of forensic work in the past and really enjoy it. Where I cannot make a steady diet of was working with a global legal firm. The perks were incredible, like late night gourmet food delivery type perks. Downside? Gum stuck on my shoe would get more respect if I were in a partner’s office explaining the intricacies of a particular finding s/he didn't like. Not that I am indicating play for play but you get what you pay for as well. In a major metropolitan city I am absolutely sure you could start a practice and eventually hire a forensics person or team and make quite the living in boutique firm. The demand is there and growing but most lawyer types are generally pretty clueless about technology - to include the 'Y's and millennials. - b/eads
dmoore44 wrote: » One thing that's always put me off from pursuing a similar route is that, unlike a MS program, a JD program doesn't really offer the opportunity to specialize in cyber - you'll be studying the same foundation material as everyone else; however, your existing experience and background should allow for an easy/easier transition in to cyber-related law. If you decide to pursue a law degree, please keep us updated here - I'd like to read about your journey. Best of luck!
TranceSoulBrother wrote: » I've tossed around the idea of Law School in my head too and what I've read is that yes, online law school qualifies you for the CA bar only but also for other states' bar depending on specific conditions like apprenticeship with a local lawyer or additional classes. State requirements will vary and you will have to check them individually. Cyber law is more than just defending hackers. You could get into policy or lobbying or in-house council for companies (although few would hire from online law school grads unless you have other qualifications). Just my opinion. Which school are you thinking about?
636-555-3226 wrote: » Any specialized law practice is a good niche to be in, esp. an up and coming one in cyber. A few warnings: Law jobs are very hard to get nowadays, so you'll really want to make sure cyber is where you want to go. Most cyber attorney jobs are held by big firms and companies, and to get into those size of companies you need to be top 10% of your class. You'll need to make sure you're top of your class not just in cyberlaw classes but also in the rest of your classes. This is going to take a lot of work/time. Obviously you'll want to find a law school that has a good cyber/ip/contract program. Law school is also very expensive. Unless you get that good cyberlaw job coming out, you're going to have a lot of debt and probably won't make as much in, say, criminal alw as you would staying in infosec. I'd avoid cheap or generic or online law schools. Mostly because you're going to need to fight to get into a big firm/org and they're going to be predisposed to taking excellent people from top-tier schools. Reputation and name brand means a lot for some of these big firms. Another person mentioned SANS/GIAC GLEG. Good for non-lawyers, not so great for lawyers. Don't spend your money on it if you're looking to go into law school.
Gess wrote: » I applied for, and am anxiously waiting to hear if I got into a Hybrid JD program. You go for one/two weeks per semester and the rest is online. ABA accredited and qualifies you to sit for the bar in every state except New York. There are other Hybrid JD programs coming online next year, I know of Syracuse off of the top of my head. I'm lucky enough that I happen to live two hours from the campus so the travel isn't a burden, but people fly in from all over the country for this program:Hybrid J.D. Program The Coast Guard is actively recruiting cyber law attorneys right now, as are many other government entities. If my plan to become a JAG falls through I may play the CISSP (and my experience) to create some kind of small consulting firm as discussed above. We'll see, the future is bright. Unrelated to to the program above, but if you do get a JD you can go back to law school and certify in cyber law with more instruction. I'm sure other schools have it as well, but the school I linked to above offers this certificate:Cybersecurity and Privacy Law Unfortunately they don't seem to offer anything cyber specific during the actual JD program. However, since you have a say in how you do your externships you might be able to work a few weeks shadowing an attorney that specializes in cyber law. If I'm accepted I'm using the GI Bill. If I can get a 20% scholarship, which should be pretty easy, it'll be fully covered.
Clm wrote: » If I do go the online route I was thinking St Francis or concord they are two biggest names. But I might be moving to Georgia next year and would be considering a school there
Clm wrote: » Awesome i was looking at this school i just cant imaging being gone for two weeks every semester i wish i could.
Chinook wrote: » What you might want to do is look up who defended guys like Jeremy Hammond, Weev, Lulzsec, etc and reach out to their lawyers expressing your interested in Cyber Law. Who knows, they might answer or direct you where to start in life.@Beads. The whole cyber "law" is so outdated it's embarrassing and it's always been that way. Look at Mitnick and what he went through. The judge thought he might whistle in a phone and launch a nuclear warhead. In the trials against other hackers much the same has happened. I keep reading about guys who point out vulnerabilities & then get arrested. Technically, if you left your PC open and had your username and password saved & I came along and logged in, I could be arrested & tossed in prison for that. The computer law, at least in the US, was created in like the 80's. Further, while I don't condone hacking (I'm a white hat with some smears in the hat) I also don't agree with guys going to prison for 30 years because they DDOS'd a website and took it offline for 40 minutes. And what really needs to be done is someone to take up the case of legally pursuing these companies who do not secure their networks. Clearly giving them advice doesn't work. Nor does them being hacked on a near daily basis. So I guess the only way to harden networks is the make companies liable for lost data & breeches. "Did they knowingly ignore the potential security risks"? I don't know if that's legally possible, but I can see it becoming a major issue in the future.
