2017 has been another frenetic and significant year for the technology sector. In this series, TechKnowChat Editor Sonia Sharma sits down with members of our Technology team to discuss the major issues of 2017 and what to look out for in 2018.
In our second instalment, Special Counsel (and Joni Mitchell fan) Sean Field discusses the importance of taking a “cyber resilience” approach, the “fourth revolution” of Artificial Intelligence and why your organisation needs to have a clear understanding about its cyber insurance coverage.
It has been a particularly busy year for you, which included you jetting off to the United States for the NIST Cybersecurity Framework Workshop. What was your key takeaway from that conference?
The key takeaway for me from the NIST workshop was the need for the public and private sectors to work together in addressing cybersecurity issues. For example, the way that NIST provides leadership and engages with stakeholders in this area appears to me to be a model that works very well. In Australia all levels of government have made significant progress in this type of dialogue over the last twelve months or so and I think we can continue to learn from the US experience in this regard.
We worked together this year on the launch of the Maddocks Cyber and Data Resilience taskforce and it was fantastic to see it launch officially this November. Can you share with our readers why we decided to focus on ‘resilience’ rather than ‘security’ and what that term means to you?
Thought leadership on cyber in my view means doing more than simply sensationalising the latest data breach or cyber crime. It means moving the debate to focus on resilience – preparing for, responding to and recovering from a cybersecurity incident. From a business perspective, a narrow “security” mindset may result in missed opportunities in the “data economy”. Business must exploit the opportunities offered by the data economy (many of which we don’t know about yet) to gain a competitive edge but within a framework of planning for resilience in the face of a cyber incident.
It was really interesting to read your article about Cyber Insurance and how that topic is still in its infancy in Australia. What should Australian executives and other key stakeholders be doing to get up to speed and mitigate the risks in this area?
Cyber insurance could be an effective way to lay off residual risk but organisations need to be very clear about what risks they might choose to insure. That means understanding what data your organisation holds, where it is located and what are the vulnerabilities – in other words, a risk assessment. Being educated about your own risk position is in my view an essential step before making any approach to market for cyber insurance products. Moreover, insurers will, as part of their risk assessment, want to see that a potential insured has a level of sophistication in this area as this will feed into premiums and perhaps even decisions about whether the insurer wants to take you on as a risk.
There was a lot of hype about Artificial Intelligence this year, but it really appears that AI is being put into practice to give organisations a competitive edge. What are your forecasts for AI in 2018?
We were recently fortunate to have Mr Rajiv Cabraal, Director Legal, Governance and IP, Data 61 (a CSIRO business unit) present to Maddocks on AI and Legal Tech. There was much discussion about the “fourth revolution”. Economic and technological factors seem to be coalescing in a way that will enable AI to move forward in leaps and bounds. For example, the availability and scalability of massive computing power in the cloud at affordable prices is going to crack wide open opportunities for novel AI applications during 2018 and beyond.
Can you tell us about the most interesting matter you worked on 2017? What were some of the challenges you faced?
A long-standing client of mine who is always up to something interesting in the cyber security space is establishing a storage facility for cryptographic keys for use in blockchain applications. At the moment we are advising this client on insuring against the cyber risks associated with the operation of such a facility. It should be no surprise that such a policy would be a novel form of insurance – to my knowledge no such policy has been written.
Looking towards 2018, what do you see as the biggest TMT issue clients will face?
The firm acts for both government and private sector clients and both face a number of similar challenges, albeit from a different perspective. I foresee something of a tussle looming next year over access for law enforcement agencies to encrypted communications. Providers will need to consider how to respond to existing and pending regulation in this area and a big part of this will be how they perceive their role as good corporate citizens in this debate.
On a personal note, what is the one piece of technology you can’t live without?
Well I’d quite like one of those underwater remote controlled vehicles for Christmas. Did that answer the question?
Finally, what will you be watching over the Holiday break and what is your format of choice?
As a keen (but not at all talented) guitarist it’s probably not so much what I’ll be watching as what I’ll be listening to and attempting to play. Right now I’m on a bit of a Joni Mitchell binge. Format of choice for my music – FLAC!
Read our Part 1 of our TechKnowChat end of year mini-series with Sydney Partner Brendan Coady.