Cybersecurity Board-Level Consulting Practice

Cybersecurity Board-Level Consulting

About Our Cybersecurity Board-Level Consulting Practice

Law and Forensics Cybersecurity Board Level Consulting practice has decades of experience educating and training Board members of public companies, private corporations, and non-profits alike on cybersecurity. We have worked to educate and train Board Members at both large and small institutions on strategies for executing oversight and implementation of a sound cybersecurity program.

Our work establishes global guidance and direction of establishing the right culture related to cybersecurity, drives policy and strategy, creates and/or defines a global risk profile, and works with company executives to prioritize and develop cyber programs. Our experience has shown that training and educating board members on cybersecurity issues at any company is a challenge because of the very little time, which is why Law & Forensics has created proven cyber education that is simple, short, and conducted on an annual or semi-annual basis for board members.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Board Member Training Independent Program Evaluation In-boardroom Briefings Training for New Board Members

Cybersecurity Board Member Training

Deliver, create, and update training materials and classes for board members that focus on enabling the board members to manage, build, and address cybersecurity risks effectively.
Create training materials for boards that assist board members in asking the right questions of an organization’s senior leadership in audit, compliance, risk, and information security specific to cybersecurity risk.
Work with board members to develop criteria to assess an organization’s governance program and policies concerning cybersecurity risk.

Independent Cybersecurity Program Evaluation

Perform an independent assessment of an organization’s existing cybersecurity program and report the assessment findings to the Board of Directors. Efforts include interviewing cybersecurity leadership, evaluating cybersecurity controls and procedures, ascertaining risk and quantification models used in relation to cyber, authoring a report for the Board of Directors, and presenting the findings to the Board of Directors and appropriate committees.

In-boardroom Cybersecurity Briefings

Provide general and customized boardroom briefings for board, audit, and cybersecurity committees on all aspects of cybersecurity, including managing strategy and risk, evaluating the performance of the executive team and CISO in relation to cybersecurity program, and mechanisms to determine the effectiveness of an organization’s cybersecurity program and ascertain the associated risk models.

On-Boarding Cybersecurity Training for New Board Members

Create a custom program to work with a company to develop the director’s onboarding needs including materials.
Deliver personalized briefings and presentations appropriate to the director’s committee assignments and board experience around cybersecurity.
Work with specific directors to develop a fundamental understanding of the specific industry risks confronting that particular company.

Case Studies by Industry

Healthcare Sector

Industry/Sector: Healthcare

Type of Case: Cybersecurity Board Member Training

Description: Retained by the board of a large private company in the healthcare sector to work with outside counsel and consultants to spearhead the creation of a cybersecurity program for the board. Efforts included:

- Evaluate the existing cybersecurity program.
- Identify gaps in the existing curriculum.
- Review and validate that the training covered various federal and state regulations.
- Create new cybersecurity materials with outside counsel sufficiently detailed to demonstrate that the board was making a good faith effort to address cybersecurity.

Global High End Retail Company

Industry/Sector: Retail

Type of Case: On-Boarding Cybersecurity Training for New Board Members

Description: Hired by the Board of Directors to work with the Audit Committee of a large retail organization to create new cybersecurity training materials and brief new board members on cybersecurity issues unique to the complex multi-national company operating in several different countries. Efforts included:

- Review existing cybersecurity training materials and create new materials as appropriate.
- Develop a one-on-one training course for new board members on cybersecurity issues that could be conducted in-person or online.
- Work with senior cybersecurity leadership to support ongoing efforts.

Steel Sector

Industry/Sector: Steel

Type of Case: Independent Cybersecurity Program Evaluation

Description: Hired by the Board of Directors of a large steel company to conduct an independent evaluation of the CISO and cybersecurity program. Efforts included:

- Review the entire cybersecurity program against NIST 800-53 controls and procedures.
- Evaluate the skills of the cybersecurity team and associated vendors.
- Author a report for the board with the results of the analysis.
- Present the high-level findings and recommendations to the Board of Directors and a more granular presentation to the Audit Committee.

1.23k Cases

solved to date

10.4k Computers

forensically analyzed

3.9k Mobile Devices

collected, scanned, and analyzed

54.1k Mailboxes

collected, analyzed, and searched by L&F

3.9k Social Media Accounts

collected, analyzed, and searched

597 Expert and Rebuttal Reports

written

Cybersecurity Board-Level Consulting Practice Edge

Cyber Insurance for Law Firms: Understanding the Cyber Risk Policy and Key Considerations for Law Firm Policy Holders

Capabilities

Advised and consulted both private and public company Boards, Committees, and Board Members on a wide range of cybersecurity issues. Our Cybersecurity Board-Level practice has cybersecurity subject matter experts that can address any issue from a legal, risk, and technical perspective, and includes individuals who are active board members themselves.

Annual Review of Regulations of Bitcoin and Blockchain in the United States and Abroad

Competitive fees

Our fees structure is competitive, we offer clients success based, hourly and/or fixed fee arrangements while ensuring that each engagement is spearheaded by a knowledgeable and experienced senior team member of our team.

Expertise

Our cybersecurity board team consists of world class experts who have consulted and presented to hundreds of different public and private boards and organizations on cybersecurity issues. Our evaluations of cybersecurity programs and CISOs have yielded positive results and provided regulators with proof of the importance the Board places on maintaining robust cybersecurity and privacy protections and procedures.

Review of Alternative Dispute Resolution Case Law in 2018

Quality Control

We deliver prompt solutions and thoughtful recommendations that rigorously meet or exceed industry best practices and meet the needs of our clients.