Friday, October 31, 2014

In House Nightmares

I've not yet met a person who has never had a nightmare.  I've dreamt of aliens still my baby (while I was still pregnant with him) and a multitude of other equal crazy but frightening scenarios.  My boys wake up from nightmares induced from every scary movie they're not supposed to watch but that Daddy let them watch anyway.  And most lawyers I know have the occasional nightmare about never getting out of the student loan debt - okay, maybe that last one occurs more often when awake than asleep.  Point being we all have fears that manifest in our subconscious and affect our sleep.

In honor of Halloween, I'm going to answer a question often asked of general counsel - what keeps you up at night? Here are my top 3:

1.  An intense negotiation or high stakes deal will almost always result in the lack of sleep - even though it also results in me being extremely exhausted by the long hours and emotional roller coaster every one of these seems to bring.  When I do finally fall asleep I'll dream of the provision we're fighting over or the wording of that illusive clause.  It's infuriating when even sleep one give you a break.

2.  Compliance. Just that one word is enough to keep me up in to the wee hours.  The fact is that no matter how vigilant we are, there will always be some little thing that we didn't do.  I'm okay with that.  We do our best and we know what risk we take. What keeps me awake is the thought of what we don't know.  What authoritative body is going to claim jurisdiction next?  What is my IT team doing (or not doing) that I don't know about?  What are my sales people out there saying? And to whom?  Everything that's on my radar is fully assessed and managed within the best ability of my team.  But what about what's flying under my radar?  That's the stuff of nightmares.

3.  Office politics suck even when you love the people and the work.  But I've yet to work at any type of company in any capacity where office politics aren't important for your career and success at that employer.  Which means that sometimes who said what to whom will stick with you long after the work day ends.  And sometimes those concerns seep into your subconscious and your dreams, like the one time where my HR Director was chasing me around the office trying to give me the ax - literally.  Glad we sorted that one out.

Ok, now the top 3 (work related) things that keep me up at night.  What's seeped into your nightmares?

Wednesday, October 22, 2014

Reflections and Gratitude

As I sit on the plane on my way home from visiting law school friends that I haven’t seen in a decade, I’m reflective of how much I have changed over that time.  I have had 5 different jobs at 5 very different companies.  I’ve gotten married, had kids and moved 1200 miles away from those very dear friends.  I’ve made new friends and new connections and I have grown tremendously as both a person and a lawyer.  But since this blog isn’t usually about what my kids are up to these days, for this post I’ll focus on the growth as a lawyer.

I’m a little surprised at how much I’ve learned, and how I can trace skill sets back to a particular position, company or experience.  My first out of school job was at GoDaddy.com back before it was a household name.  I learned a lot about technology, the internet and marketing.  I gained a lot of experience with trademarks and various laws surrounding marketing.  I learned about defamation and online trolls.  I even got a little exposure to how to respectfully deal with the alphabet soup of governmental agencies while protecting your client and looking out for the greater good.  From my boss there I learned about integrity and doing what you say you’re going to do.  I also learned what it’s like to have a great team surrounding you and meeting people who while their daily presence in your life may be brief their impact on you is ever lasting (yes, that’s you guys CJ, Keena and Nima!).

I moved to Austin reluctantly leaving a job I loved for the greater good of my family.  And quickly started working in a large microchip company you may have heard of, Advanced Micro Devices.  I worked there supporting a very fun group of procurement types.  I learned a lot about negotiations from them.  I gained a lot of experience in drafting and revising contracts.  And got more than a little exposure to how a contract management system can make the work of 3 attorneys doable for 1.5.  I was never bored and always busy, but I also learned that reviewing the same contract, with the same requests to modify by new suppliers day in and day out isn’t optimal for me.  I like more variety in my day and wanted to broaden my experience.

So when an ad popped up on my news feed looking for a company’s first in house counsel, I took a little of that youthful ego and applied. (of course I can do this, why not?  Doesn’t matter that I know nothing about ATMs, the banking industry, employment law or anything outside of negotiating contracts and supporting a very active marketing team!  Of course I can support an entire division encompassing the United States.) I hit the ground running in that job and learned so much in the first few months that looking back, I’m surprised my head didn’t explode.  I gained experience in employment law, managing litigation, creating contract management systems and protocols and lot of that “blocking and tackling” that is required when you’re the first.  I also learned a great deal about professional politics and working with very strong personalities, who had very strong opinions.  I discovered that I loved the variety, the work was interesting and there was definitely a lot of it.  But the politics was something I needed to get better at, half the job of a senior level in house attorney is managing people.  I needed more experience and few good mentors.

So when an opportunity came my way to jump into a similar role but at an internet e-com company whose organizational structure was more simple I took it.  I again delved deep into the blocking and tackling of setting up a legal department/function where there once was none.  I worked on improving my communication style with a group of very talented individuals.  I gained experience in larger litigation matters, creating IP management programs and started to wade into international matters with a UK presence.  I loved the technology and I loved the people.  But I also learned a very humbling lesson at the right time.  I can learn a lot about a lot, but I can’t be an expert in everything and there are some things that I can’t do.  I couldn’t make up for the lack of experience in certain areas that was shared by the team.  And I still needed to improve on my communication skills.  So I started a blog, started networking like a champ and have grown into a style of my own.  And I now understand that while you may have to adjust your style, if you have to change it completely for a job, it’s not the right job for you – no matter how much you love the work or the people.  I also know that it’s actually rewarding to step back and let someone who has the skills and style necessary to carry the company to where it needs to go. 


With my next move (and current gig) I have again taken on a lot of blocking and tackling and have utilized all of the skills each of my previous moves have given me.  I’ve put into practice the idea that matching my communication and style to that of my boss when selecting the job means as much as liking the technology and the company.  I’m getting great experience working with an equity backed company and the intricacies of dealing with the board, the fund, and the pace of constantly being in fund raising mode.  I’ve finally grown into that confidence I had taking on a role I should have run from, and I’m proud of who I’ve become and who I know I will continue to grow into.  And I owe a large part of that to the co-workers and mentors at each of the companies I worked for.  Many of whom may not even know they played that role for me.  So for everyone who I’ve crossed paths with on my professional journey – Thank you!  Hopefully I will make you all proud too and remember to pass on the great lessons you have taught me.

Friday, October 17, 2014

Cybersecurity Rant

In 2013-2014, data breaches have gotten as much headline attention as ISIS, Ebola and the mid-term election.  All with very similar coverage, that is a lot of fear mongering and not much information.  Because I work (and have for the last decade) legal and compliance for companies where data security is a top priority as a requirement from our customer base, every time a new breach hits the news I get a ton of calls with questions and rants about what corporate America is (or is not) doing to protect against this new menace.

As long time readers know, from time to time I make a public service posts that have more to do with the latest pain in my ass than with the in house practice of law.  And lucky you, this is one of them.
We need to collectively take a deep breath and stop the mass panic over the cyber breach, and really please stop sending me invitations to the sky is falling CLEs on the subject.

Look, businesses need to be vigilant and take the appropriate actions to prevent as many breaches as possible.  This is a given.  I have a guy at work who spends all day long (and probably has nightmares all night long) dreaming up what could go wrong and trying to make sure we've prevented it.  I'm not going to give a pass to any company who puts their non-critical AC functions on the same server as their PCI data.  However, treating every breach like it's all caused by gross negligence, and having an media trial convicting every company of malice and greed because they didn't do enough to keep your data safe is ridiculous.  Have you kept your data safe?  Really?  Keep your insurance card in your glove compartment?  Yes?  It has your full name and home address on it.  If your car was made in the last few years, it also has a garage door opener built right in.  You've just given any wanna be car thief the means to rummage through your house.  Keep any personal information laying around at home? Your negligence has allowed a potential data breach of your house.  How could you!  You should be locked up and the key thrown away!  (Insert fake outrage here.)

Ya, not all breaches are created equal.  And that's why the reaction and way a breach is handled is so important.  And why we, the public, need to chill just a little.  Did you know that there are 47 different breach notification laws in the US alone?  And some of those laws conflict – in one you must notify the state AG first before notifying the public.  In another you must notify the public within a given timeline (one that doesn’t give much time to coordinate with other state’s AGs).  And then there are insurance requirements if you want the breach covered.  Not to mention the criminal investigations and the requests from the various alphabet soup agencies.  Dealing with a breach isn’t easy and it takes time to fully understand it.  And quite frankly, we the public, should want every organization to be able to focus on quickly finding out what caused it and stop it from continuing without having to divert attention to managing the public panic.

This is not to say that organizations need to step up their game. The number and scope of breaches this year has been unbelievable.  We need to be ever vigilant – the criminals are getting smarter, better technology and they spend as much energy building these operations as many founders of legitimate tech start ups do.  Organizations need to at least endeavor to be a diligent as they are in protecting our customers against their intent.   And that may mean reassessing what type of data we collect, how we collect it and what we do with it.  But you Mr./Mrs. G.Public, need to be diligent too.  Don’t give data to questionable sources, don’t jump to conclusions of malice and realize that for all the convenience and low prices you are demanding as a consumer comes at a price.  Either be willing to pay a bit more for better security or add yourself in the blame mix when your payment data gets compromised.  Oh – and stop complaining about it to the only person you know who actually understands how it all works.  OK end rant, back to our regularly scheduled program soon.