CyberWire Daily - Miriam Wugmeister: Technology's not as complicated as you think. [Data Security] [Career Notes]

Starting point is 00:00:00 You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools. It's time to rethink your security. Thank you. Learn more at zscaler.com slash security. Hello, my name is Miriam Wugmeister. I am the co-chair of Morrison & Forrester's Privacy and Data Security Practice. I was one of those kids who really had no idea what I wanted to do when I grew up. I was a philosophy major in college after starting out doing chemical engineering. So I really had no idea what I wanted to do.

Starting point is 00:02:01 The good news is because I started as chemistry, I actually took a lot of science before I switched. So obviously I took a lot of physics and a lot of math and a lot of chemistry. So that's actually served me remarkably well, even though I ended up studying philosophy. I started doing management consulting because seriously, I had no idea what I wanted to do. And so what do you do when you graduate and you don't know what you want to do? You go into consulting. And so what do you do when you graduate and you don't know what you want to do? You go into consulting.

Starting point is 00:02:27 I did that for two years. And then I actually worked for a company that made software for personal computers. I ran the marketing department of this small computer software company. I realized that the thing that I liked the most between those two jobs was all the problems that people thought about at work. The commonalities, the part that I found the most interesting in my two jobs was organizational structure and how did problems get solved and who worked with who. And I decided the thing to do, of course, is to go to law school. I really went to law school to think about those kinds of employment law issues and really with a focus on issues facing women in the workplace. And actually, when I graduated, I became an employment lawyer. That actually made sense,

Starting point is 00:03:16 right? I went to law school with that intention, and that's actually what I did when I got out of law school. After doing employment law for about 10 years, doing employment litigation, I got asked to work on a project where a company was trying to figure out how to centralize all of its personal information about employees in one data center. And the person who was working on it needed somebody who could talk the talk about to employment lawyers and to HR people. And I'm like, I can do that. I didn't know anything about privacy, but I knew a lot about employment law. So she and I started working together and I thought it was such a fun area. Then I started doing consumer privacy. Then I started doing cybersecurity. Now I do ethical AI.

Starting point is 00:04:10 We're thinking about what are the issues that are coming up next for quantum computing. So really, it's just that my practice has just evolved from thinking about privacy really into doing cyber and thinking about more ethical technology. And that's really how I spend my time now. A big part of my practice is helping companies prepare for and respond to significant cyber events. So thinking about what are the kinds of threats that are out there? What do you do if bad guys get into your system? So I do a lot of counseling all around cybersecurity, both preemptive and after there's an incident. The other part of my practice is really thinking about cutting edge technology and what are the right way to use it in terms of complying with

Starting point is 00:05:13 the law. So, so much of what we do is looking at what the law is likely to be and what is the right thing to be doing. I talk about ethics. See, going back to my philosophy major, right? It actually comes full circle. I spend a good portion of my day every day talking to people about what's the right thing to do if you're collecting a million data points a minute and you can aggregate that information

Starting point is 00:05:41 and how do you use that to make the world a better place? So many of the areas where I work are gray. So for example, if you collect lots and lots of information of what people search on the internet, that can be used for really creepy purposes, but it can also be used to predict where there's going to be an outbreak of flu. You can collect information off an airplane and or off a train and aggregate all that information and then predict when a particular component of the airplane or the train is going to break down and use that to appropriately maintain the plane or the train before there is a problem. So, you know, you use it for preventative maintenance. But in order to do that, you have to gather all that information. Collecting information isn't a bad thing. It's how you use it.

Starting point is 00:06:45 And there are lots of companies that are motivated by all different kinds of things. But if they're motivated to do the right thing, I'm happy to help them. technology is not nearly as complicated or scary as the technology people tell you it is and particularly for women for young women a lot of young women young men too but a lot of people say oh i can't do data security because I don't know how to code. And the answer is, you don't have to. You have to be smart. You have to be willing to ask questions. You have to be willing to admit what you don't know.

Starting point is 00:07:34 But this area is a fantastic area for young people because the law is just developing. We're all learning it together, literally at the same time. So I think privacy, cyber technology, it's just, it is a great place for certainly young lawyers and also just young people in general, because I think that it's such an exciting time. I do hope that people will think that I made my patch of the garden a little bit greener. I have worked very hard to encourage women and diverse lawyers to come into this area to thrive. A lot of people think, oh, law firms are terrible places for women and for diverse lawyers. And I don't think that's true. I think there are really effective ways to make it work. And I hope that that will be viewed

Starting point is 00:08:32 as a helpful guide in trying to help people think through those issues and deal with those issues and protect their privacy. I hope that people will have learned, because it is really core to our practice, that those issues, the ethical issues, the doing the right thing, that is essential to being a good lawyer. And that we take that seriously and that the clients with whom we have worked also take it seriously. So I think that's another way that I, you know, I hope that I've added to the world. And now, a message from Black Cloak. message from Black Cloak. Did you know the easiest way for cyber criminals to bypass your company's defenses is by targeting your executives and their families at home? Black Cloak's award-winning digital executive protection platform secures their personal devices, home networks, and connected lives. Because when executives are compromised at home, your company is at risk. In fact, over one-third of new members discover they've already been breached. Protect your executives and their families 24-7, 365,

Starting point is 00:10:12 with Black Cloak. Learn more at blackcloak.io.

CyberWire Daily - Miriam Wugmeister: Technology's not as complicated as you think. [Data Security] [Career Notes]

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.