.GIF)
When will in-house counsel break through the looking glass and realize that not all law firms (if any) understand the complexities of electronic discovery? When Waters Edge published our groundbreaking book--Evaluating the Electronic Discovery Capabilities of Outside Law Firms: A Model Request for Information and Analysis--we expected law firms to buy the book, out of fear they would be confronted by clients with demands to which the law firms could not respond.
But we did not expect that in-house counsel would ignore the critical need to hold their law firms accountable for vastly inconsistent capabilities that often put the client's interests at risk. The recent decision in Victor Pipe by Judge Grimm highlights that law firm guidance can be fraught with peril. In that case, counsel used key word searching to try to identify privileged records to be withheld from production and missed critical materials that were disclosed. Oops! Its pretty unlikely that the client was pleased to be paying those legal bills, and its pretty unlikely the malpractice carrier was not too pleased with the outcome either.
Corporate companies must be prepared to rigorously demand their law firms demonstrate their competency in this field--it cannot be presumed. The issue is not that the lawyers are not good lawyers--the question is whether their law firm, as a service provider of information processing and analysis, is properly managing the most sensitive data a client may control--the evidence in a hostile lawsuit. How many more decisions like Victor Pipe will be required before in-house counsel begins to realize that presuming law firm competency places their corporate interests at risk, sometimes with disturbingly significant consequences.
Monday, July 14, 2008
Software as a Service--Navigating Compliance
SearchCIO-Midmarket has just published our first contribution to their outstanding service:
Software as a Service--Navigating the Compliance Minefield. The article includes a pdf of a CastleQuest Discovery Map that identifies the risks and strategies discussed in the article.
We are excited by the support of SearchCIO-Midmarket for the value of our Discovery Maps in enhancing their information services.
Software as a Service--Navigating the Compliance Minefield. The article includes a pdf of a CastleQuest Discovery Map that identifies the risks and strategies discussed in the article.
We are excited by the support of SearchCIO-Midmarket for the value of our Discovery Maps in enhancing their information services.
SearchCIO Selects Waters Edge as Compliance Editor
We are pleased that SearchCIO-Midmarket, one of the Web's leading news and information sources on IT technology has selected Waters Edge to serve as a contributing editor on compliance issues facing CIOs of mid-market enterprises.
Here is what Sarah Varney of SearchCIO-Midmarket said in their announcement:
A new resource for compliance education[Sarah Varney, Technology Editor]
As an editor, it's always a thrill to discover a relatively unknown expert on the Web. Compliance is a hot topic, and Jeffrey Ritter's new monthly feature will detail the legal issues surrounding both standards and technology issues. We welcome him to the SearchCIO-Midmarket.com fold with high expectations and every confidence that he'll meet and exceed them. He debuts this week with a useful look at the compliance issues that can't be ignored when your company decides to use a Software as a Service vendor, instead of using an in-house application.
A lawyer by training, Ritter is CEO and founder of Waters Edge Consulting LLC, an advisory firm offering training, assessment and design services to enable companies to build trusted information systems. He is recognized as one of the most influential voices at the intersection of law and technology, and is a pioneer in shaping the legal rules for cyberspace and addressing the value of digital information as property, whether in the boardroom, the courtroom, the legislature or a network operations center.
He has published four books, many articles and moderates every month online training symposia for nearly 2000 security professionals who are members of ISSA, ISACA, ISC(2) and other associations. Waters Edge is part of a select group of consulting firms that conduct pre-certification assessments for companies seeking ISO 27001 certifications in the United States.
Please feel free to get in touch with Jeffrey with questions and comments at either Jeffrey@wec-llc.com or editor@searchCIO-midmarket.com. Next month, he'll tackle the compliance issues associated with master data management. Thanks, Sarah
Here is what Sarah Varney of SearchCIO-Midmarket said in their announcement:
A new resource for compliance education[Sarah Varney, Technology Editor]
As an editor, it's always a thrill to discover a relatively unknown expert on the Web. Compliance is a hot topic, and Jeffrey Ritter's new monthly feature will detail the legal issues surrounding both standards and technology issues. We welcome him to the SearchCIO-Midmarket.com fold with high expectations and every confidence that he'll meet and exceed them. He debuts this week with a useful look at the compliance issues that can't be ignored when your company decides to use a Software as a Service vendor, instead of using an in-house application.
A lawyer by training, Ritter is CEO and founder of Waters Edge Consulting LLC, an advisory firm offering training, assessment and design services to enable companies to build trusted information systems. He is recognized as one of the most influential voices at the intersection of law and technology, and is a pioneer in shaping the legal rules for cyberspace and addressing the value of digital information as property, whether in the boardroom, the courtroom, the legislature or a network operations center.
He has published four books, many articles and moderates every month online training symposia for nearly 2000 security professionals who are members of ISSA, ISACA, ISC(2) and other associations. Waters Edge is part of a select group of consulting firms that conduct pre-certification assessments for companies seeking ISO 27001 certifications in the United States.
Please feel free to get in touch with Jeffrey with questions and comments at either Jeffrey@wec-llc.com or editor@searchCIO-midmarket.com. Next month, he'll tackle the compliance issues associated with master data management. Thanks, Sarah
Thursday, July 10, 2008
Begin the CastleQuest: Powered by Waters Edge
At Waters Edge, we found information security can be drawn upon as a strength, or exposed as a weakness -- with the right tools. Daily, case law reveals the destructive results of insufficient management of information resources. Companies now find costly liabilities in their records management solutions that were unknown five years ago. Courts have demanded those who defend these liabilities, CIOs, IT, and lawyers, must serve their clients at the cutting edge of technology -- regardless of their training or experience.
We believe this is not unlike the ancient strategies of attack and defense in siege warfare, where the risks of poor security involved every facet of the organization.
Just as those in the past built stone walls to defend their resources and leadership, companies today are finding proper management of digital information critical to defend their assets -- and protect their leaders. Similarly, invaders found success in breaching these walls only after they could plan around the weaknesses in their target's defenses. Opposing counsel must also create such plans to expose and exploit their target's failures in information security.
Like the warfare that surrounded the castles of antiquity, stakes and costs are high. The same innovation that created the defensive tactics of moats and boiling oil is required by companies to demonstrate their mastery of information security and trusted information. Likewise, the same meticulous testing that revealed poorly-built walls and undefended tunnels is required by opposing counsel to expose those with weak standards of compliance to the full range of punishment courts are willing to administer.
This battle requires tools that are intelligent, dynamic, and persistently effective. We believe you will find these tools in the CastleQuest system. Our maps will graphically illustrate the process-based approach to information security required to effectively demonstrate compliance, or a lack thereof, with the constantly-changing standards information management. Our QUEENS (Questions for Examination) maps will arm the professional with the "tough" questions their company or client might face -- or ask -- in a legal proceeding. CastleQuest is prepared to excel within the new climate of information security: Enroll in CastleQuest and say the same.
We believe this is not unlike the ancient strategies of attack and defense in siege warfare, where the risks of poor security involved every facet of the organization.
Just as those in the past built stone walls to defend their resources and leadership, companies today are finding proper management of digital information critical to defend their assets -- and protect their leaders. Similarly, invaders found success in breaching these walls only after they could plan around the weaknesses in their target's defenses. Opposing counsel must also create such plans to expose and exploit their target's failures in information security.
Like the warfare that surrounded the castles of antiquity, stakes and costs are high. The same innovation that created the defensive tactics of moats and boiling oil is required by companies to demonstrate their mastery of information security and trusted information. Likewise, the same meticulous testing that revealed poorly-built walls and undefended tunnels is required by opposing counsel to expose those with weak standards of compliance to the full range of punishment courts are willing to administer.
This battle requires tools that are intelligent, dynamic, and persistently effective. We believe you will find these tools in the CastleQuest system. Our maps will graphically illustrate the process-based approach to information security required to effectively demonstrate compliance, or a lack thereof, with the constantly-changing standards information management. Our QUEENS (Questions for Examination) maps will arm the professional with the "tough" questions their company or client might face -- or ask -- in a legal proceeding. CastleQuest is prepared to excel within the new climate of information security: Enroll in CastleQuest and say the same.
Welcome to Waters Edge.
Waters Edge Consulting, LLC was established in June 2006 by Jeffrey Ritter, globally recognized for his leadership and contributions to shaping the world of digital information. Waters Edge is unique in our ability to bring together into an integrated analytical framework the converging fields of IT governance, information security, legal risk and the use of standards and rule-based design methods to develop pragmatic solutions that enhance overall enterprise risk management and produce trusted information assets.
We have started this blog to establish trusted information assets in a more interactive forum. The discussion of digital information is a dynamic one; we understand that collaboration in the blog format is simply another way to enhance the depth and perspective of our content. Waters Edge does not take the concept of "Thought Leadership" lightly -- as you will see in the following posts, we have developed unique tools to solve the difficult questions of trusted information and information security. We know the next step involves finding and working with like minds to find the answers to the questions yet unasked.
Welcome to Waters Edge.
We have started this blog to establish trusted information assets in a more interactive forum. The discussion of digital information is a dynamic one; we understand that collaboration in the blog format is simply another way to enhance the depth and perspective of our content. Waters Edge does not take the concept of "Thought Leadership" lightly -- as you will see in the following posts, we have developed unique tools to solve the difficult questions of trusted information and information security. We know the next step involves finding and working with like minds to find the answers to the questions yet unasked.
Welcome to Waters Edge.
Subscribe to:
Posts (Atom)