It was a mixed reaction to the recent Obama Administration statements relative to Chinese state-sponsored cyber espionage directed at U.S. commercial targets. Some said, really? Others said, that’s not new news. And a few of us said, another growing field for expert witnesses.


At about the same time as the White House statements on state-sponsored cyber attacks, President Obama signed an Executive Order directing federal departments and agencies to provide increased cyber security for the nation. The implementation contemplates an increased collaboration between government and the private sector. Also of interest for expert witnesses in this field, the Executive Order directs the National Institute of Standards and Technology (NIST) to develop a framework to reduce cyber risks to critical infrastructure, including utilities.

Not familiar with NIST? If you handle HIPAA-HITECH compliance for the pharmaceutical industry, you might be. For everyone else, NIST publishes a host of technical specifications publications, including their 500 series on computer systems technology and their 800 series on computer security. These are the folks whose essential vocabulary includes nouns like “cryptographic key management systems,” “block cipher modes of operation,” and “enterprise SSO solutions.”

Need we say more?

According to the Washington Post, there are more than two billion personal computers around the globe and another 800 million smartphones. In spite of more than 50 years of growth of personal computing, the average user could not locate a single line of code, let alone debug it.

If there is anything that is true about cases couched in cyberspace it’s that an expert witness is required. Indeed, the internet security expert witness seems the quintessential definition of an expert witness as someone possession unique knowledge or skills who can assist the trier of fact in the determination of pending matters.

Enter the cyber security expert witness. One who likely functions in a sub-specialization of topics like industry control systems, satellites, aerospace, defense, finance, or communications. It is the job of the cyber security expert witness to not only testify with the narrative of events that support the causes of action of the lawsuit, but also to translate into plain English how he knows the events that occurred to be true.

With the level of technical expertise required, the cyber security expert witness is one to get involved as soon as possible and to keep involved through every phase of the litigation. Red cape included, upon request.

By: Paloma A. Capanna, Attorney at Law