About Our Cybersecurity Data Governance Practice

Law & Forensics Cybersecurity Data Governance practice recognizes that organizations today are confronting new cybersecurity statutes, regulations, and controls on a near-daily basis and our practice assists companies in this process. Law & Forensics has a great deal of experience working with companies to protect against threats, but we also recognize that a company must know what data to protect.

Law & Forensics recognizes that securing data is at the core of cybersecurity, but that it is impossible for an organization to protect it’s data if it does not know what data it has, where it is, how it is used, who it is shared with, etc. Our Cybersecurity Data Governance practice has decades of experience assisting companies in creating a data governance program that allows them to secure and manage their data in a structured, responsible, and legal fashion.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Cybersecurity Data Governance

  • Review companies existing data governance programs focusing on controls, processes, SOPs, and work instructions from a cybersecurity lens.
  • Analyze the alignment of the data governance program cybersecurity controls with the cyber program implemented by the company.
  • Perform a gap analysis of existing data governance programs focused on cybersecurity regulatory requirements.
  • Draft and edit SOPs, work instruction, controls, and processes to account for cybersecurity in the context of the overall data governance and risk programs at a company.
Cybersecurity Data Governance
Cybersecurity Data Governance

Independent Assessment of Organizations Third Party Vendor Cyber Program

  • Work with organization cybersecurity, audit, and legal stakeholders to independently review the third-party vendor cybersecurity program,
  • Ascertain alignment of data governance policies and controls with on the ground implementation,
  • Review existing controls to manage the cyber risk presented by third-party vendors to determine the effectiveness of controls and correlate these risks to an underlying data governance program.

Case Studies by Industry

Industry/Sector: Banking

Type of Service: FFIEC Data Governance Audit

Description: Review the global financial institution data governance program and identify gaps with the Federal Financial Institutions Examination Council (FFIEC) cybersecurity assessment tool. Efforts included:

    • Worked with senior technology and audit/compliance stakeholders to review cybersecurity controls and program alignment.
    • Assessed cybersecurity controls against FFIEC program requirements.
    • Documented any gaps identified in the course of the engagement.
    • Created and executed a project plan to remediate issues identified during the course of the engagement.
44+ Data Governance

programs reviewed

59+ Internal Audits


67+ Third Party Programs


233+ Training Engagements


11+ Data Governance

programs created

49+ Privacy Programs

created, reviewed, analyzed, or updated

Cyber Security Data Governance Practice Edge

Cyber Insurance for Law Firms: Understanding the Cyber Risk Policy and Key Considerations for Law Firm Policy Holders


Annual Review of Regulations of Bitcoin and Blockchain in the United States and Abroad

Competitive fees


Review of Alternative Dispute Resolution Case Law in 2018

Quality Control