The Law Offices of Mary N. Chaney, P.L.L.C.
The Cyber Security Law Firm of Texas

Mary's Blog

The Breach Whisperer

About Mary....

Mary N. Chaney, Esq., CISSP® is a former Special Agent for the FBI where she investigated cybercrime, a seasoned corporate executive that built and operated information security teams and now a cybersecurity attorney.

As a self-described “Breach Whisperer” our firm can train your company to properly prepare for your eventual breach!

The overall goal of our firm is to use our wealth of knowledge and expertise to help support, translate and advise, Boards of Directors, CIO's, CISO's and General Counsel's on how to legally protect their company from cyber related risk.

Blog Entries


 

A New Frontier... CISO Sightings At E-Discovery Vendors

See Article Here

Are you a burnt-out, underappreciated, stressed out CISO? Good news you may just have a new way of doing your job, without the additional stress. CISO’s are now being hired by e-discovery firms to assist clients. In general, electronic discovery (e-discovery) is the electronic aspect of identifying, collecting and producing electronically stored information in response to a request for production in a law suit or investigation. Increasingly, I am starting to believe my first corporate job had it right, as I had e-discovery under my purview in SecOps which may not have been good for every Director of Incident Response, but I am an attorney, so it worked. Today, given the increasing likelihood that a company will be sued, by the government or private citizens, in wake of a data breach, having someone on staff with an e-discovery vendor that has cyber security knowledge is a great idea. 

When there is a lawsuit, there is a lot of attention, by the C-Suite and the Board of Directors, so the visibility and importance of having someone on the team who can quickly get up to speed on the information security aspects of the litigation is great. As a strategic partner myself, I completely understand that it is a waste of time to dive into the day to day details about how an organization runs their information security program. Being able to stay high level and direct production based on an outline or strategic documentation, is a needed skill in any litigation. Many times, companies over produce documentation because the attorneys are reading things broadly, a CISO in the room could allow you to be more specific about your production responses.

Almost everything happening in cyber security and privacy requires a better understanding of how data is protected from all facets. The siloed approach that larger organizations follow for cyber security and privacy is becoming an increasingly outdated model. However, CISO’s rejoice because you can finally get out of the daily operational fire storm, into the litigation fire.