Law firms can mitigate the risk of a data breach through a variety of means, including: investing in cybersecurity tools, hiring internal and external cyber resources to augment the firm's current information security practices, and arguably most importantly changing the firm's culture to be more security conscious. No one size fits all solution exists for dealing with cyber threats, but with proper focus and resources, a firm can consider its unique factors and develop an information security posture that addresses its most compelling concerns. While preventing a breach should be a paramount concern for any law firm, it is similarly important to prepare for what happens in the event that a breach occurs. Although there are options, such as cyber insurance, to help mitigate the direct costs of a breach, law firms must also look to other options to resolve these issues expeditiously. As the costs associated with litigating data breach claims continues to climb, it will become increasingly apparent that law firms must begin looking towards other dispute resolution mechanisms, such as arbitration, in order to mitigate and control costs. Firms must take steps to create processes to mitigate and control the risk and fallout resulting from a data breach. A strong step in the right direction is Law Firm Cybersecurity, a resource that gives firms the tools they need to defend themselves.
About the Author: Daniel B. Garrie, Esq. is a seasoned e-discovery special master, forensic neutral, mediator, and arbitrator with JAMS, retained for complex, high-stakes cases around the country. His deep understanding of both law and technology, enables him to efficiently and cost effectively resolve some of the most challenging disputes. For over a decade, Mr. Garrie has served as a mediator, arbitrator, electronically stored information (ESI) liaison, discovery referee, special master, neutral, and expert. He has appeared before the Los Angeles County Superior Court, New York Supreme Court, Delaware Supreme Court, and the U.S. Courts of Appeals for the Second, Third, and Seventh Circuits. Mr. Garrie has authored over 200 legal and technical articles and publications. His scholarship has been recognized by several Supreme Court Justices and cited in over 500 articles, publications, and opinions. Mr. Garrie is the Senior Partner & Co-Founder of Law & Forensics LLC, a technology consulting firm that specializes in e-discovery, software, computer forensics, and cybersecurity. His work with Law & Forensics includes preparing incident response plans for cyber incidents, serving as an expert witness, developing e-discovery playbooks, and conducting digital forensic investigations. Prior to founding Law & Forensics LLC, Mr. Garrie built and sold three separate companies and served as the Worldwide Director of Discovery & Information Governance at Charles River Associates, managing a team of over 200 individuals. Mr. Garrie is a nationally recognized educator and lecturer on computer software, cybersecurity, e-discovery, forensics, emerging Internet and mobile technologies, and cyber warfare. He has published over 150 articles and is cited in more than 500 articles and opinions. He is the editor in chief of the Journal of Law & Cyber Warfare, a fellow at the Ponemon Information Privacy Institute, and is on the Board of Advisors of several cybersecurity and technology start-ups. Mr. Garrie also is a Cybersecurity Partner at the law firm Zeichner Ellman & Krause LLP. Bill Spernow is a Director with Law & Forensics in the Atlanta area specializing in forensic analysis, defense-in-depth enterprise level security projects, incident response events, zero-day exploits, and hacking activity. Mr. Spernow is the former Director of Information Security, Investigations and Incident Response for Experian, the world's largest consumer reporting agency. Prior to Experian, Mr. Spernow was an e-Discovery and forensic litigation expert affiliated with LECG's Digital Evidence Solutions Group. Mr. Spernow is the former Chief Information Security Officer for the Georgia Student Finance Commission and was recruited to revamp the security of this State Agency after it had experienced a significant security breach. His efforts resulted in an agency described by prominent government officials as the most secure in Georgia. Mr. Spernow has an extensive Information Security background at both the strategic and tactical level. His hands-on tactical design and implementation expertise includes firewalls, intrusion detection systems, secure network and Web sites, content monitoring, HIPAA and GLBA privacy and regulation compliance, authentication and authorization methodologies, biometrics, cyber investigations, forensic analysis, incident response strategies, and laptop protection. Mr. Spernow spearheaded the development and implementation of several projects funded by the US Department of Justice, providing hands-on training to Federal, State and local law enforcement in the area of Cyber Crime investigation. Over a previous five year period with the SEARCH Group he personally trained over 4,000 cyber investigators. As the Assistant Director of the Computer Crime Section with the National White Collar Crime Center, he managed their domestic and international digital evidence training program on forensic acquisition and analysis. In addition to his training background, Mr. Spernow has extensive experience in Information Security at both the strategic and tactical levels gained from his practice in both the public and private sectors. He is quoted frequently in national and international publications regarding his expertise.