17 December 2015
Raj De has a long background in national security and with the U.S. Department of Justice. “Serving as staff secretary to President Obama piqued my interest the most. I reviewed all the papers that went to the president, including security briefings. I got to see how big the threats are.”
De next served as general counsel to the National Security Agency. “At the NSA, I was involved in three major areas of cybersecurity: making sure our intelligence community had the legal tools it needed to think about the emerging and evolving cyberthreat, helping to think through information assurance issues to make sure we protected the classified systems that the military and intelligence communities use and helping build the legal structure that other parts of the government use to deal with the types of hacks we read about every day.” At Mayer Brown, De tries to think about cyber issues more holistically. “Rather than going straight to thinking about breaches, we want to consider how boards of directors are set to deal with supply chain and training issues.”
De sees an evolution of cyberthreats. “It used to be about exploitation and theft, and then it started to be layered with disruption or destruction, such as the destruction at Sony. Many are now worried about the threat of manipulation—of data, data integrity or even physical items, with the Internet of Things.” There has been an increased focus on putting in place better mechanisms for evaluating cyberrisk. “There’s a lot of faith being put in the insurance industry to build models, but it will depend on the right data becoming available.”
Reprinted with permission from the December 14, 2015 edition of The National Law Journal ©2015 ALM Properties, Inc. All rights reserved. Further duplication without permission is prohibited.