Former Senator Joseph Lieberman with Dean Matthew Diller
Former Senator Joseph Lieberman Visits Cardozo to Speak on Cybersecurity during Cardozo Law's Tech Talks Series
By Janice Weber
November 17, 2014
Dean Matthew Diller welcomed former Senator Joseph Lieberman, now chair in public policy and public service at Yeshiva University, to Cardozo as the featured speaker of the fourth installment of the law school’s Tech Talks series, The Emerging Law of Cybersecurity.
“Joe Lieberman has been at the forefront of efforts to balance free speech concerns with national security ever since the terrorist attacks of September 11 brought these issues so painfully to the public arena,” said Dean Diller. “He is one of the first leaders in Congress to recognize the need for legislation addressing cybersecurity issues, sponsoring legislation in 2012 aimed at protecting the nation from cyber attacks.”
Sen. Lieberman shared his unique experience and insights on cybersecurity, honed post-9/11 during his tenure as chairman of the Homeland Security and Governmental Affairs Committee. “My interest in cybersecurity came through the door of Homeland Security and the committee I was privileged to chair,” said Senator Lieberman, “but the more I’ve gotten into it the more complicated and broader is the perspective one has to have.”
“Cyberspace is a big, booming, chaotic new domain in which the law can and must create order out of chaos,” said Lieberman. The Internet is relatively new, he said, but it has already become “a laboratory, some might say a battleground, for the application of existing law and the development of new law to achieve order and, more broadly, to protect rights and interests in cyberspace.” With all of the good that the Internet has brought to society, there is a downside: “Today, in addition to threatening our safety, cyber criminals have unleashed a torrent of attacks aimed at stealing our money, intellectual property and our most sensitive private information.”
Because we are a free-enterprise economy, noted Lieberman, 85 percent of the critical infrastructure in this country is owned by the private sector, “and that vital infrastructure is what an enemy that wants to incapacitate us would strike.” In all too many cases, he said, cyber attackers have succeeded because “companies have simply not invested adequate funds to secure the cyberspace that they own—as a result we are all vulnerable.”
Sen. Lieberman, along with Sen. Susan Collins (ME) and others, introduced legislation in 2011 and 2012 aimed at bringing government and the private sector together in a collaborative effort to stop the threat. “It was first an attempt to mandate that companies adopt best practices, and when that looked like that had not a prayer, we changed it into a voluntary incentive program, and not even that worked.” Despite the failure to pass legislation in Congress, Lieberman remains adamant in his call for the private sector to cooperate and collaborate with the government on issues related to cybersecurity. “It’s really in everyone’s interest, but it’s not easy to do; too many businesses have portrayed such laws as just one more example of government overreach and regulation.”
However, that attitude has begun to change. “The magnitude of damage and potential liability resulting from cyber attacks has really begun to move many companies to be more proactive in making investments in upgrading their technology of their security systems.” As an example, he noted that JP Morgan Chase, after a major security breach compromised the contact information of 76 million households and about seven million small businesses, announced plans to double spending on cybersecurity over the next five years. In addition, said Lieberman, “The Wall Street Journal reported companies spent over $12 billion in protecting their networks and other cybersecurity efforts of recent years.”
Businesses are waking up to the fact that they could face enormous liability if they are suddenly attacked and cannot prove that they have adequately secured their systems; plaintiffs’ lawyers are actively pursuing recovery following cyber intrusions. “It’s a whole new field of battle for an old school of law,” said Lieberman. These lawsuits, and the burgeoning area of cyber insurance, create significant incentives for companies to proactively invest more capital in limiting liability by better protecting their systems against hackers. “For that reason, I welcome them.”
In addition to data breaches and hacking threats to the private sector, Lieberman cited two even more destructive and certainly more dramatic threats: cyber theft of money and intellectual property by hackers and attacks on the country’s cyber infrastructure by state or non-state enemies of the United States.
“The dollar amount lost due to cyber theft is hard to estimate because so little of it is reported,” Lieberman said, “but experts have said that it’s hundreds of billions of dollars.” He cited Gen. Keith Alexander, former director of the National Security Agency and commander of the U.S. Cyber Command, who said, “The intellectual property that has been stolen from America over the last decade or two represents the largest and most rapid involuntary transfer of wealth in human history.” Cyber attacks by hostile nations or non-state actors pose an even more “nightmarish” scenario, Lieberman said: “The Internet and Internet technology have made such a leap forward that all of our critical cyber systems—financial, telecommunications, transportation, energy—are all subject to incapacitating attack.”
The Internet has created new vulnerabilities and new risks along with amazing new opportunities and benefits, Lieberman said in closing. “Traditional tort law and criminal law is now being used to hold companies and individuals accountable for their negligence and lawlessness in cyberspace.” Ultimately the solution is going to be a mix of private litigation and insurance to incentivize better practices and the development of new laws to improve cyber security. “For those of you who are law students, I can predict with confidence that cyber law will be a growing part of your professional lives.”
