Students, Learning, and Teaching by John Bandler

I have come to the realization that much of what I do involves trying to help people understand things better so it made sense to create a page on this topic. I teach a number of courses so it is helpful for me and my students to have content that relates to the course here. I speak a lot and it is helpful to have resources to supplement my talk.  And when I provide legal or consulting services it is important to properly inform clients so that they can make good decisions. Here's how I break it down.

Teaching in academic institutions: I have taught, or currently teach, or have built courses on the following topics:

  • Law and Information Systems
  • Cyberlaw
  • Private Security and Law
  • Cybersecurity and Cybercrime Investigations
  • Cybercrime

Those courses cover a lot of areas of law, including:

  • Foundations of law
  • Cybersecurity
  • Privacy
  • Data breach reporting
  • Contract
  • Negligence
  • Intellectual property

As a teacher I need to teach the material, motivate students to put in effort, assign readings and weekly assignments and a final paper. Having spoken and taught I knew there was a need for certain written materials, and I have helped fill that need. I wrote a book on cybercrime investigation that covers all the legal basics and I have written many articles spanning a range of topics. After teaching at the law school, graduate, and undergraduate levels I see how important it is for students to improve their learning and writing skills, so I have written articles on that.

Speaking and training: I speak a lot, including at conferences, for organizations, or trainings. The topics include:

Every time I speak or train I am trying to convey information that will benefit the audience. Ahead of a speaking engagement, I know something about the audience, but you can never know everything, nor can one perfectly tailor the material to every person there, and every talk must fit the allotted time. Inevitably, some material will be covered too briefly or simply for some who desire more detail, and other material will be either too introductory or too complex for some audience members. My solution is that at the end of every presentation are links where they can find additional materials if they desire. Chances are I have written a short article on the topic, or even a book. I also sometimes create event pages on this site, so that all links are readily available.

Services (legal services and consulting services): Every time I provide services to a client, part of my job is informing them and advising them and empowering them to make sound decisions. The decisions remain theirs to make -- I can only advise -- so that means I may need to convince and educate them as to what is the proper decision path to take. Here are some examples of how informing others is important to those services:

  • Cybersecurity and cybercrime prevention. The first pillar of Bandler's Four Pillars of Cybersecurity is knowledge. That is because individuals (including managers and executives) make cybersecurity decisions all the time, and without solid knowledge they cannot make good decisions.
    • Almost every cybercrime and cybersecurity failure can be traced back to a bad decision.
    • Executives, managers, and end-users often make disastrous decisions regarding information systems and security because they had a poor understanding of the threats and effective ways to counteract them.
    • I am not the only one stressing training and education. Every cybersecurity framework, and [essentially] every cybersecurity law and regulation requires  organizations to have a cybersecurity program which includes training of employees.
  • Risk management. Making decisions to manage risk (including cybercrime, cybersecurity, and legal risk) requires solid understanding of what the risks are, and effective ways to manage them.
  • Legal decisions. Legal strategy and tactics also relate to risk management. Knowledge and understanding potential outcomes is the best way to make good decisions. This requires the attorney to properly inform the client, and then the client hopefully makes a good decision after weighing all factors.
  • People and organizations are busy and resources (time and funds) are always limited. No one wants to expend effort and resources in area that does not yield income if it is not necessary. Without knowledge of cybercrime, cybersecurity, and legal requirements, many are not convinced that cybersecurity improvements are necessary. Sometimes the pervading sense is "nothing's broken, why fix it", "everything is OK", plus a dose of "it won't happen to me". Sometimes these are merely a false sense of security.

This website: This website has become a place for me to organize my thoughts and content and make it available for others. Site visitors might be a client, potential client, employee of a client, student, someone who attended one of my talks, or anyone else in need of information about the topics covered here. Thus, this entire website is about learning and teaching, and it is all free. Any visitor can learn here and find links and citations to other resources.

This article is hosted at

Originally posted 1/2/2022. Updated 02/14/2022.