Role of Lawyers in Cyber Exercises (RoLiCE)

PI: Mr. Jakub Harašta. 

Multiple national strategies, interdisciplinary projects, and international movements strive to bring cyber security and cyber threats to especially vulnerable groups, such as minors or elders. However, cyber security requires both knowledge (know-what) and know-how. Beside spreading knowledge about threats, it is especially important to spread know-how. This statement applies not only to especially vulnerable groups that often lack both knowledge and know-how, but also to highly qualified and skilled personnel responsible for maintaining cyber security.

The proposed research aims to investigate the role of lawyers in different types of exercise and within different positions with specific research questions formulated as follows:
1) What is the role of lawyers in cyber security exercises as perceived by traditional participants (IT professional in case of Full Live exercises, decision makers in case of Table Top exercises)?
2) What is the role of lawyers in blue teams as perceived by participating lawyers?
3) What is the role of lawyers in white teams as perceived by participating lawyers?
What is the expected knowledge and know-how to be communicated from lawyers during exercise?

Data will be collected by semi-structured interviews with individuals and organisations
participating in cyber security exercises, regardless of whether they act as members of white team or blue team. Ultimate goal is to develop, based on analysis of collected data, (1) framework for
involvement of legal professionals in different types of cyber security exercises; (2) evaluation of models currently being used in exercises where lawyers are involved (e.g. NATO CyberCoalition); (3) proposal for improvement of current exercises where lawyers’ engagement is limited (e.g. Locked Shields); (4) examples of legal injects to be used in various models of engagements of legal professionals.