Boris Segalis '03 discusses his cybersecurity career.
Boris Segalis ’03 once worked as a project engineer on the Space Shuttle program. Now a co-chair of the cybersecurity practice at Norton Rose Fulbright, he has left rocket science behind for the legal complexities of data protection.
“I grew up in the former Soviet Union. It was a place where technical education was valued over anything else, and I was always good at math and physics,” Segalis says. But while working for Pratt & Whitney on the Space Shuttle, Atlas III and the F-22 programs in Florida, he says, “I quickly realized that I didn’t have a passion for it, and that most people around me did have that passion.”
While still working as an engineer during the day, Segalis began taking a business law course at night and immediately fell in love with the legal profession, leading him to leave Florida and the Space Shuttle for New York and law books. “NYU just felt like home right away,” says Segalis. “I think it makes people better lawyers when they’re nurtured in law school. And NYU had an administration that cared, and continues to care, about students.”
Although his background in engineering might easily have led him into a career in patent law, Segalis steered his interests away from intellectual property. Following law school, he worked first at Dewey Ballantine before moving to Hunton & Williams, where he was invited to join the privacy practice. “My reaction to that was, ‘What’s a privacy practice?’ I had no idea. That was literally the first time I’d heard about this field,” Segalis says.
Segalis worked for several years at Hunton & Williams, developing substantive experience in the field of privacy, before deciding to strike out on his own. “I wanted to be my own person,” he says. After first creating his own law firm, Segalis eventually merged with InfoLawGroup, a national boutique law firm focusing on privacy and data security. “We knew that the big firms lacked this expertise, and as this field was getting hotter it would be a bigger issue,” Segalis says.
“After the Target breach, the situation started changing,” Segalis says, referring to the 2013 cyber attack on the retailer, in which hackers may have accessed 40 million customer credit cards. “Target’s board got sued, so a lot of companies started to become much more concerned about cyber risk. They were concerned that they would get sued, and they wanted to have a large firm defend them in litigation.”
Shortly thereafter, Segalis, with another partner and counsel from InfoLawGroup, moved to Norton Rose Fulbright to develop the firm’s data protection, privacy, and cybersecurity practice. “A lot of our work is in compliance and breaches, which we can’t talk about,” Segalis says. “But our practice really spans the gamut of legal work—business strategy, cross-border compliance, regulatory work, mergers & acquisitions, breach response, the list goes on. I’m happy that I have the ability to do this kind of diverse legal work.” In April 2015, Segalis was named to the Crain’s New York Business 40 Under 40 list.
In addition to his legal work, Segalis also runs the firm’s Data Protection Report, a blog that covers emerging issues in information security. Recent topics he has covered have included the US-EU/US-Swiss Safe Harbor framework, Congress’s inaction on the Cybersecurity Information Sharing Act, and energy cybersecurity.
Segalis expects that the demand for firms to continue developing robust cybersecurity practices will only increase, especially with the rise of cyber-warfare concerns and the exponential growth of the connected world—the so-called Internet of things. “As everything is becoming connected to the Internet, from your iPhone to your bracelet to your outlets, there’s a massive gathering of information that raises a lot of privacy and cybersecurity issues,” Segalis says. “So there’s a lot happening everywhere—and that means it’s a great time for lawyers to get into this field.”
Posted September 1, 2015