Someone who wants to become a security expert witness can take advantage of a key set of principles often recommended by experienced security experts. These involve knowing a great deal about security, as well as understanding the relevant legal processes and having legal experience. There are also additional ways to help jumpstart a career as a security expert witness, having to do with advanced technical degrees and certifications for various types of security technology.
Public speaking experience can be helpful for a security expert witness.
A great idea for someone who wants to become a security expert witness is to choose a specialty. Those with a specialty in particular security areas, such as cybersecurity, public event security, or national border security, will often go further in their careers than those with a broader spectrum of skills. Having advanced degrees and certification in these specialties will give a person an even greater opportunity for success.
Relevant certifications and accreditations will generally help improve someone’s chances of becoming a security expert witness. For example, in the growing field of cyber security, a large number of certifications can be beneficial. In another type of major field of security, certain certifications related to the use of firearms can be very practical for someone who wants to become a security expert witness.
In addition to particular titles and qualifications, someone who wants to become a security expert witness will want to develop specific skills related to their field and specialty. Experienced cybersecurity experts point to examples such as “critical controls,” cybersecurity elements that seem most useful and necessary within that field. These include issues like handling malware, monitoring systems effectively, providing data loss prevention, and inventorying hardware and software. Network security skills can also be very helpful.
In addition to all the skills and education that people bring to a career as a security expert witness, there is also the idea of being connected to the legal field. Those who have been in a courtroom before may have a head start. Experience speaking with people who do not have technical experience (like most judges and jurors) and the general ability to speak in public can also give a security expert witness an advantage. Someone with experience in making complex technical concepts easy to understand for general audiences is likely to be more successful as an expert witness than someone who understands technology but can only communicate effectively with engineers.
With all this in hand, someone who wants to do security consulting as an expert witness can effectively advertise their services. They may communicate through websites, word of mouth, or other means of business communication. They may provide background information in the form of testimonials, references, or other reputation-based information that can help them attract future clients and testify about security issues in a court of law.
A good example of a cyber security expert witness is Joseph Steinberg, who has established multiple companies producing security products. User Authentication, for example, is a key area of focus for Green Armor Solutions, which he founded nearly 20 years ago. He also invented technologies to safeguard people’s social media presence for which he founded the company SecureMySocial. Creator of ground-breaking innovations in both fields, Steinberg has several patents covering methods to help users avoid embarrassing social media gaffes.
When it comes to security flaws, many experts are quick to sound the alarm, but Steinberg has a history of playing it cool and saying publicly, for example, that people are more likely to be struck by lightning than to experience any real harm as a result of many particular breaches after which many other “experts” were telling everyone to change all of their password. Steinberg has been consistently proven right in this regard, and, as a result, his words carry so much weight when they are quoted. He does not cry wolf like so many other people in the cyber security industry.
Steinberg is well-known for his unconventional wisdom, and for consistently being proven correct even when he disagreed with most others in his field. For instance, for many years, when everyone was saying to change passwords frequently, Steinberg said not to. The same can be said about complex passwords; he spoke out against their use, arguing that they are theoretically better but, in practice, are worse. In the last few years, many other experts have adopted his perspective.
Steinberg previously wrote columns about cybersecurity for Forbes and Inc. but has since moved his column to his own website, where it has become incredibly popular, with millions of monthly pageviews and a reputation as one of the best-read columns on cybersecurity.
Those who seek employment as cyber security expert witnesses usually have a background in computer science, information security, electrical engineering, IT, and/or computer forensics. In the context of a contemporary court case, digital evidence is practically indispensable. Litigants frequently rely on cyber security experts to determine the authenticity and use of this electronic evidence, which includes any stored or transmitted information that may be relied upon in court. Some examples of cases requiring a cyber security expert witness are:
- Software patent infringement suits
- A data breach in the healthcare industry, where sensitive information was exposed to an unauthorised third party;
- The private keys used in blockchain cryptography,
- Security issues caused by ransomware,
- Cybercrime risk assessment: identity theft
- Confidential business information concerning computer systems
- a breach in a telecommunications provider’s computer system,
- Theft of Trade Secrets by an Employee due to Vulnerability in Computer Security
- Unauthorized Bitcoin transactions, and a lawsuit involving a large group of people concerning the evaluation of operating system security.
Are there specific requirements to become a cyber expert witness?
A cyber security expert witness needs to know their stuff, but they also need to be able to explain it to laypeople and hold up under cross-examination. Law firms may seek out a security expert witness with trial experience in high-profile cases or cases with substantial financial stakes. The Security Industry Association (SIA), Center for Internet Security (CIS), Cloud Security Alliance (CSA), Cybersecurity Advisors Network (CAN), The Internet Security Alliance (ISA), and the National Technology Security Association are all examples of organisations whose members are likely to be knowledgeable and up-to-date on industry events and technological developments (NTSA).
A cyber security expert witness’s involvement in litigation may involve anything from a simple review of the relevant technology to the creation of a full-fledged expert report and even formal courtroom testimony. It is not uncommon for law firms to seek the advice of computer scientists and information security experts prior to filing a lawsuit.
Expert witnesses in cyber security are available for consultation on issues related to data breaches, data privacy, cyber security standards, and cyberlaw, as well as failures to prevent computer crimes involving the Internet, unauthorized access to computer systems and data connected to the Internet.
Experts in cyber security may offer forensic services concerning various forms of “computer hacking,” such as phishing, viruses/trojans and other malicious software programmers, keyloggers, Denial of Service (DoS) attacks, waterhole attacks, fake WAP, eavesdropping (Passive Attacks), ClickJacking attacks, cookie theft, bait and switch hacks, and so on. Information protection from all (non-physical) threats to data integrity and data system availability can be discussed with these cyber security professionals. This includes data kidnapping and ransom attacks (such as ransomware) and other forms of damage to data and systems from criminals working outside or inside computer networks. These professionals may also offer their thoughts on data privacy and compliance with privacy standards, such as the disclosure of sensitive information on purpose, the failure to take reasonable precautions to prevent the loss, theft, or compromise of sensitive information, and the failure to comply with applicable policies regarding data breaches and the reporting of such incidents. Forensic advice on data breaches, software/network process violations, and other issues related to data protection laws and industry standards may be provided by these cyber professionals.
